WIP: Gentle re-authentication modal/popup. #560
Conversation
tech4him1
force-pushed
the
gentle-reauth
branch
from
b3951f2 to
367f751
Compare
tech4him1
force-pushed
the
gentle-reauth
branch
from
367f751 to
6a00dc8
Compare
tech4him1
force-pushed
the
gentle-reauth
branch
from
9464334 to
b22f85e
Compare
tech4him1
force-pushed
the
gentle-reauth
branch
from
c3bf297 to
9f563bb
Compare
tech4him1
force-pushed
the
gentle-reauth
branch
4 times, most recently
from
86978e4 to
3d8f54c
Compare
tech4him1
changed the title
|
@tech4him1 thought this was WIP for some reason, will review next week. In the meantime, can you rebase? Some guy pushed a bunch of changes and broke everything 😛 |
tech4him1
force-pushed
the
gentle-reauth
branch
from
3d8f54c to
bba1361
Compare
|
Deploy preview ready! Built with commit 1607dd3 |
|
Deploy preview ready! Built with commit 1607dd3 |
tech4him1
force-pushed
the
gentle-reauth
branch
3 times, most recently
from
9937289 to
8f69f0e
Compare
tech4him1
changed the title
tech4him1
added
area: auth
status: 2-code-review
and removed
status: 2-code-review
labels
We were clearing out any old user state when sending an authentication request (or failure), which makes sense, but we have to keep the old user object while re-authenticating or it will ruin our app's current state. This doesn't change our current (initial) auth at all.
tech4him1
changed the title
tech4him1
force-pushed
the
gentle-reauth
branch
from
8f69f0e to
1607dd3
Compare
|
@tech4him1 I thought I remembered there being complications with this, but not seeing any mention in the PR. Can you confirm one last time whether this is ready for review? |
|
@erquhart This was originally intended for GitHub, because it seemed that the token was sometimes being timing out if you logged out of GitHub.com in a different tab. That couldn't be consistently reproduced, however (and shouldn't logically be happening), so the PR was put on hold. We did decide to leave it open for use in any other new backend that may have token timeouts, such as BitBucket (and likely GitLab). |
tech4him1
changed the title
|
@tech4him1 thoughts on this one? |
|
@erquhart The current use for this would be adding implicit authentication for BitBucket. We could just close the PR and reference it from the issue if you want? |
|
Awesome, thanks @tech4him1 |
- Summary
We need to have a way to gently re-authenticate the user, especially for backends for which the OAuth token times out or is otherwise invalidated.
With this implementation, we don't re-run the user's action at all, we just re-authenticate on API failure. For example, if the user is saving a post and we get a 401, we re-authenticate the user, but then they have to click the "Save" button again. Do you guys think that is clear enough?
This is not currently implemented at all, but it is needed (will be used) by both #517 and #525.
#559 needs merged before this can be finished.DoneWe can also use theDoneDialogfrom #554 for this as well.This PR fixes #569.No longer applicable.- Test plan:
Current authentication works correctly.
- Description for the changelog
Add gentle re-auth modal for backends (not currently implemented).
- A picture of a cute animal (not mandatory but encouraged)
