External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-15 11:50:42 -03:30
Code Issues Packages Projects Releases Wiki Activity

JS documentation

Browse Source 
Authentication docs. Plus tweaks to doc site configuration.
This commit is contained in:
Chris Houseknecht 2014-08-28 16:34:15 -04:00
parent 0c336728f4
commit 9a6df729f9
1 changed files with 43 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
awx/ui/static/js/controllers/Authentication.js
View File

@ -14,15 +14,52 @@
* @description
* Controller for handling /#/login and /#/logout routes.
*
* Tower (app.js) checks if the user is authenticated and whether the user session is in an unexpired state. If either condition is not true,
* the user is redirected to /#/login.
* Tower (app.js) verifies the user is authenticated and that the user session is not expired. If either condition is not true,
* the user is redirected to /#/login and the Authentication controller.
*
* Functions for checking the session state are found in [lib/ansible/AuthService.js](/static/docs/api/lib.ansible.function:AuthService)
* Methods for checking the session state are found in [lib/ansible/AuthService.js](/static/docs/api/lib.ansible.function:AuthService), which is referenced here as Authorization.
*
* #Login Modal Dialog
*
* The modal dialog prompting for username and password is found in templates/ui/index.html.
*```
* <!-- login modal -->
* <div id="login-modal" class="modal fade">
* <div class="modal-dialog">
* <div class="modal-content" id="login-modal-content">
* </div><!-- modal-content -->
* </div><!-- modal-dialog -->
* </div><!-- modal -->
*```
* HTML for the login form is generated, compiled and injected into <div id="login-modal-content"></div> by the controller. This is done to associate the form with the controller's scope. Because
* <div id="login-modal"></div> is outside of the ng-view container, it gets associated with $rootScope by default. In the controller we create a new scope using $rootScope.$new() and associate
* that with the login form. Doing this each time the controller is instantiated insures the form is clean and not pre-populated with a prior user's username and password.
*
* Just before the release of 2.0 a bug was discovered where clicking logout and then immediately clicking login without providing a username and password would successfully log
* the user back into Tower. Implementing the above approach fixed this, forcing a new username/password to be entered each time the login dialog appears.
*
* #Login Workflow
*
* When the the login button is clicked, the following occurs:
*
* - Call Authorization.retrieveToken(username, password) - sends a POST request to /api/v1/authtoken to get a new token value.
* - Call Authorization.setToken(token, expires) to store the token and exipration time in a session cookie.
* - Start the expiration timer by calling the init() method of [lib/ansible/Timer.js](/static/docs/api/lib.ansible.function:Timer)
* - Get user informaton by calling Authorization.getUser() - sends a GET request to /api/v1/me
* - Store user information in the session cookie by calling Authorization.setUser().
* - Get the Tower license by calling Authorization.getLicense() - sends a GET request to /api/vi/config
* - Stores the license object in local storage by calling Authorization.setLicense(). This adds the Tower version and a tested flag to the license object. The tested flag is initially set to false.
*
* Note that there is a session timer kept on the server side as well as the client side. Each time an API request is made, Tower (in app.js) calls
* Timer.isExpired(). This verifies the UI does not think the session is expired, and if not, moves the expiration time into the future. The number of
* seconds between API calls before a session is considered expired is set in config.js as session_timeout.
*
* @Usage
* This is usage information.
*/
'use strict';
function Authenticate($log, $cookieStore, $compile, $window, $scope, $rootScope, $location, Authorization, ToggleClass, Alert, Wait,
function Authenticate($log, $cookieStore, $compile, $window, $rootScope, $location, Authorization, ToggleClass, Alert, Wait,
Timer, Empty) {
var setLoginFocus, lastPath, sessionExpired, loginAgain,
@ -171,10 +208,9 @@ function Authenticate($log, $cookieStore, $compile, $window, $scope, $rootScope,
});
});
// Call the API to get an cauth token
// Call the API to get an auth token
scope.systemLogin = function (username, password) {
$('.api-error').empty();
var token;
if (Empty(username) || Empty(password)) {
Alert('Error!', 'Please provide a username and password before attempting to login.', 'alert-danger', setLoginFocus, null, null, false);
} else {
@ -182,7 +218,6 @@ function Authenticate($log, $cookieStore, $compile, $window, $scope, $rootScope,
Authorization.retrieveToken(username, password)
.success(function (data) {
$('#login-modal').modal('hide');
token = data.token;
Authorization.setToken(data.token, data.expires);
$rootScope.sessionTimer = Timer.init();
scope.$emit('AuthorizationGetUser');
@ -213,6 +248,6 @@ function Authenticate($log, $cookieStore, $compile, $window, $scope, $rootScope,
};
}
Authenticate.$inject = ['$log', '$cookieStore', '$compile', '$window', '$scope', '$rootScope', '$location', 'Authorization', 'ToggleClass', 'Alert', 'Wait',
Authenticate.$inject = ['$log', '$cookieStore', '$compile', '$window', '$rootScope', '$location', 'Authorization', 'ToggleClass', 'Alert', 'Wait',
'Timer', 'Empty'
];