feat: log out user if not authorized #579
Conversation
|
Hello, I'm the AEM Code Sync Bot and I will run some actions to deploy your branch and validate page speed.
|
|
Need to check.. I get multiple reloads of the page before IMS decides to go to the login page. Weird. |
|
I like this idea. I would probably simplify this, though: If we get a 401 / 403 back from collab, just refresh the page. The person likely needs to refresh the token they're using for collab. If you use DA at least once every two weeks, you can refresh for up to 364 days. There's no reason to forcefully log them out. The other advantage is that if they are truly unauthorized now, the existing DA machinery will boot them. Any future improvements we make to the unauthorized flow this will get for free. |
|
This forces the user into the ims signin screen, but is a bit confusing as it does it with no warning. I wonder if we should have a dialog alerting the user with the option to signin again or go to da home? @auniverseaway thoughts? |
| await loadIms(); | ||
| handleSignIn(); | ||
| // wait 1 second to let ims do its things | ||
| await new Promise((resolve) => { setTimeout(resolve, 1000); }); |
There was a problem hiding this comment.
Just to verify - handleSignIn will force a page redirect to ims, so this await will be cut short on page navigation?
Fix #563
Session might expire or user can be logged out for some reason but still continue to author. Editor does not detect this case and still allow user to edit for an infinite time (until page reload).
Test: https://kickout--da-live--adobe.aem.live/