Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

session expiry message shows up when not logged in #5197

Closed
redshiftzero opened this issue Apr 16, 2020 · 3 comments · Fixed by #5582
Closed

session expiry message shows up when not logged in #5197

redshiftzero opened this issue Apr 16, 2020 · 3 comments · Fixed by #5582
Labels
Hacktoberfest Issues suitable for the annual Hacktoberfest organized by Digital Ocean help wanted Issues we would definitely appreciate volunteer help with priority/low

Comments

@redshiftzero
Copy link
Contributor

Description

This is a low-priority issue but filing for awareness: right now our session expiration applies to all routes on the application, including when users aren't logged in. Here is the relevant code.

Steps to Reproduce

  1. Go to SecureDrop source interface homepage. Do not log in.
  2. Wait for 120 minutes (this is SESSION_EXPIRATION_MINUTES).
  3. Refresh the page.

Expected Behavior

Nothing happens, page reloads.

Actual Behavior

You'll get a flashed message indicating you have been logged out. This is odd for the user since they're not logged in.

Comments

A proposal is to only use the session expiration logic when logged_in is in the session object.
@eloquence eloquence added Hacktoberfest Issues suitable for the annual Hacktoberfest organized by Digital Ocean help wanted Issues we would definitely appreciate volunteer help with labels Sep 30, 2020
@sheonhan
Copy link
Contributor

Hi @redshiftzero, I'd love to take this on as my first contribution to SecureDrop. I'll follow your proposal under the Comments heading as a guideline. Other than that, is there anything else I need to know before jumping in?

@kushaldas
Copy link
Contributor

@sheonhan feel free to submit a PR (with tests), we can discuss if anything else is required at that. Thank you for showing interest.

@sheonhan sheonhan mentioned this issue Oct 15, 2020
Merged
2 tasks
@sheonhan
Copy link
Contributor

@kushaldas I created a PR #5582 to fix this issue. Would appreciate any comments and suggestions!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Hacktoberfest Issues suitable for the annual Hacktoberfest organized by Digital Ocean help wanted Issues we would definitely appreciate volunteer help with priority/low
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix session expiry message sheonhan/securedrop
4 participants
@eloquence @kushaldas @sheonhan @redshiftzero