Separate front- and back-end redirect handling (#128)

* Add console logs * Add ESA to ember-cli-build * Fix typo * Remove unneeded code * Add additional logs * Add a try/catch on session setup; Add other logs * Tweaks * Clean up logs * Cleanup * Add comments * Cleanup * Add front-end check * Add comment
hashicorp-forge · Apr 7, 2023 · 34c5fcc · 34c5fcc
1 parent a303a44
commit 34c5fcc
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 10 deletions.
diff --git a/web/app/routes/application.js b/web/app/routes/application.js
@@ -11,11 +11,13 @@ export default class ApplicationRoute extends Route {
   @service("fetch") fetchSvc;
   @service flags;
   @service session;
+  @service router;
 
   @action
   error(error) {
     if (error instanceof UnauthorizedError) {
       this.session.invalidate();
+      this.router.transitionTo("authenticate");
       return;
     }
   }

diff --git a/web/app/routes/authenticate.ts b/web/app/routes/authenticate.ts
@@ -6,6 +6,10 @@ export default class AuthenticateRoute extends Route {
   @service declare session: SessionService;
 
   beforeModel() {
+    /**
+     * Checks if the session is authenticated,
+     * and if it is, transitions to the specified route
+     */
     this.session.prohibitAuthentication("/");
   }
 }
diff --git a/web/app/routes/authenticated.ts b/web/app/routes/authenticated.ts
@@ -7,15 +7,28 @@ export default class AuthenticatedRoute extends Route {
   @service declare session: SessionService;
   @service declare authenticatedUser: AuthenticatedUserService;
 
-  async beforeModel(transition: any): Promise<void> {
-    // If the user isn't authenticated, transition to the auth screen
-    let isLoggedIn = this.session.requireAuthentication(
-      transition,
-      "authenticate"
-    );
-    if (isLoggedIn) {
-      await this.authenticatedUser.loadInfo.perform();
-      void this.session.pollForExpiredAuth.perform();
-    }
+  async beforeModel(transition: any) {
+    /**
+     * Checks if the session is authenticated in the front end.
+     * If unauthenticated, it will redirect to the auth screen
+     */
+    this.session.requireAuthentication(transition, "authenticate");
+  }
+
+  // Note: Only called if the session is authenticated in the front end
+  async afterModel() {
+    /**
+     * Checks if the session is authenticated in the back end.
+     * If the `loadInfo` task returns a 401, it will bubble up to the
+     * application error method which invalidates the session
+     * and redirects to the auth screen.
+     */
+    await this.authenticatedUser.loadInfo.perform();
+
+    /**
+     * If the session is authenticated with the front- and back-ends,
+     * kick off the task to poll for expired auth.
+     */
+    void this.session.pollForExpiredAuth.perform();
   }
 }