Problems with redirect to login after server session timeout
4,724 views
Skip to first unread message
Oscar Caceres
Aug 9, 2013, 4:54:45 AM8/9/13
to ang...@googlegroups.com
Hi,
I am working on a project where the back end is MVC 4 asp.net, the page has some content only visible when the request has been authenticated like so:
<div ng-app='test'>
<@if (Request.IsAuthenticated)
{
<div class="menu">
<div ng-view>
</div>
</div>
}else
{
@Html.Partial("The authentication page") --> Here the user should Login
}
</div>
The first time, the user sees the login page since the request is not Authenticated, then after that the page refreshes and he can see the menus, etc.
I have a problem when a server timeout occurs, If the user let's say is inactive for longer of the timeout period, and then request page XYZ, the request is no longer authenticated while I am making the Ajax call and geting the new page,
the server redirects to the login page with the following URL "/?ReturnUrl=XYZ", with status code 302.
The problem is that the login page gets inserted inside the <div> where ng-view is, thus showing the menu, etc. the expected behaviour is that I should be redirected to the Login Page(full page reload),
I have search in google and here, but it seems that is a problem with my implementation or i am not searching good enough...
Does any one have a clue of why this happens or how can i solve this problem?
regards,
Oscar
Damien METZLER
Aug 9, 2013, 7:43:09 AM8/9/13
to ang...@googlegroups.com
The problem here is that once your page is loaded, every call to the server happens in a XHR request. There won't be any page reload. When you hit a timeout, then the XHR should receive a 401 http response code.
One good way of dealing with that is to use an interceptor like described here : http://www.espeo.pl/2012/02/26/authentication-in-angularjs-application
Each time a http request is done and a 401 error code is returned, then you handle the case, for instance by presenting a new view to login and then come back to the request. Another more rough solution could be in your case to reload the whole page and let the server deal with authentication, but you would loose the context and the action the user wanted to do.
Oscar Caceres
Aug 13, 2013, 5:38:07 AM8/13/13
to ang...@googlegroups.com
Hi Damien,
Thanks a lot for your response, the article is really useful. The problem is that the IIS server, does not issue a 401 response code, but a 302 and sends me the login page...
I have an interceptor already, but it doesnt help in this case...
do you have any other suggestions?
/O
Oscar Caceres
Aug 13, 2013, 10:43:22 AM8/13/13
to ang...@googlegroups.com
Hi,
I have solved this issue with setting the reload url with a angular path that links to a timeout page.
In this page I have this meta tag: <meta http-equiv="refresh" content="5;url=/" /> which will make the browser to reload.
In the case of ajax calls, I am catching the 401 error as Damien suggested, but I dont always get this error from IIS.
I will try to implement the login pop up form.
--
You received this message because you are subscribed to a topic in the Google Groups "AngularJS" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/angular/CN137ztfDW0/unsubscribe.
To unsubscribe from this group and all its topics, send an email to angular+u...@googlegroups.com.
To post to this group, send email to ang...@googlegroups.com.
Visit this group at http://groups.google.com/group/angular.
For more options, visit https://groups.google.com/groups/opt_out.
Venlig hilsen / Best regards
EuroForm A/S
Oscar Caceres
Software development manager
Software development manager
EuroForm A/S - Riskær 15 - DK-2765 Smørum - CVR nr./VAT no.: DK 18 66 35 97
Jose Luis Rivas
Aug 13, 2013, 10:46:36 AM8/13/13
to ang...@googlegroups.com
On 8/13/13 7:43 AM, Oscar Caceres wrote:
> Hi,
>
> I have solved this issue with setting the reload url with a angular path
> that links to a timeout page.
> In this page I have this meta tag:
> <metahttp-equiv="refresh"content="5;url=/"/> which will make the browser
> Hi,
>
> I have solved this issue with setting the reload url with a angular path
> that links to a timeout page.
> In this page I have this meta tag:
> to reload.
> In the case of ajax calls, I am catching the 401 error as Damien
> suggested, but I dont always get this error from IIS.
> I will try to implement the login pop up form.
Forcing a reload is as easy as $window.location.href = '/'
> In the case of ajax calls, I am catching the 401 error as Damien
> suggested, but I dont always get this error from IIS.
> I will try to implement the login pop up form.
--
Jose Luis Rivas
http://joseluisrivas.net/
Reply all
Reply to author
Forward
0 new messages