app: skip round trip to user endpoint during login (fix #575) #605
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
To clarify, will this break login against unpatched prod instances until 1.2.0? |
|
once this is merged one can either:
|
There was a problem hiding this comment.
- Confirm that login still works
- verify in the diff that there is now no second call to the server prior to the main window being displayed
One thing I'm checking now is if it's fine to call sync_api after resume_queues, I think what we want is to continue to call sync_api before resume_queues so that new jobs can get added and prioritized before the queue starts again (a higher priority job might need to get bumped to the front of the queue like an auth token reset job. What do you think?
|
oh yeah, very good point, I will move |
redshiftzero
force-pushed
the
main-view-disappear
branch
from
d50a4ea to
e58a5f8
Compare
redshiftzero
force-pushed
the
main-view-disappear
branch
from
e58a5f8 to
7f4b97a
Compare
|
Ah, I marked this as draft to block merge until we bring in the corresponding SDK changes, I'll open a followup for updating to the latest version of the SDK |
This was referenced Nov 13, 2019
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Fixes #575 following option 1 presented in the bottom of that ticket: avoiding the round-trip to the /user endpoint by presenting everything we need at login time in the response to the /token endpoint
Test Plan
pip install -e git+https://github.com/freedomofpress/securedrop-sdk.git@token-endpoint-journo-names#egg=securedrop-sdkChecklist
If these changes modify code paths involving cryptography, the opening of files in VMs or network (via the RPC service) traffic, Qubes testing in the staging environment is required. For fine tuning of the graphical user interface, testing in any environment in Qubes is required. Please check as applicable: