Details
-
Type:
Task
-
Status: Closed (View Workflow)
-
Priority:
Major
-
Resolution: Done
-
Affects Version/s: None
-
Fix Version/s: None
-
Labels:None
-
Story Points:3
-
Epic Link:
-
Sprint:Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10, Spring 7 : 13 Apr to 24 Apr, Spring 8 : 24 Apr to 8 May, Spring 8 : 11 May to 25 May, Spring 9 : 25 May to 8 Jun, Summer 1: 8 Jun - 19 Jun
Description
Situation: The access token generated by CyVerse automatically expires after 57,600 seconds (16 hours). This effectively forces users to log back in to the system every day. Unfortunately there is no way around this as refresh tokens do not exist for the Terrain API (as of March 23, 2020). After the access token has expired, if a user does anything in BioViz Connect that requires an API call, they receive an error (for example that files/folders could not be retrieved). This is somewhat confusing as it appears that something has gone wrong on our end.
Task: Come up with a user-friendly way to log the user out after 16 hours. Something like: after 16 hours the user receives a notification/popup informing them that their session has expired and that they will need to re-login. There would be a button that would return them to the CyVerse-BioViz Connect login page so they could quickly re-enter their credentials and then get back to work.
Attachments
Issue Links
- relates to
-
-
- Closed
-
Activity
| Field | Original Value | New Value |
|---|---|---|
| Epic Link |
|
| Sprint | Spring 5 : 16 Mar to 27 Mar [ 90 ] | Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10 [ 90, 91 ] |
| Rank | Ranked higher |
| Status | To-Do [ 10305 ] | In Progress [ 3 ] |
| Assignee | Karthik Raveendran [ karthik ] |
| Status | In Progress [ 3 ] | Needs 1st Level Review [ 10005 ] |
| Status | Needs 1st Level Review [ 10005 ] | First Level Review in Progress [ 10301 ] |
| Assignee | Karthik Raveendran [ karthik ] | Nowlan Freese [ nfreese ] |
| Status | First Level Review in Progress [ 10301 ] | To-Do [ 10305 ] |
| Status | To-Do [ 10305 ] | In Progress [ 3 ] |
| Assignee | Nowlan Freese [ nfreese ] | Karthik Raveendran [ karthik ] |
| Assignee | Karthik Raveendran [ karthik ] |
| Assignee | Chaitanya Kintali [ chaitanya ] |
| Sprint | Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10 [ 90, 91 ] | Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10, Spring 7 : 13 Apr to 24 Apr [ 90, 91, 92 ] |
| Rank | Ranked higher |
Testing:
If I am in either the shared with me or community folders when I am logged out, when I log back in I'm taken to the correct folder (url is correct), but the breadcrumbs are broken and the left panel Home is highlighted.
See attached screenshot
| Attachment | Screen Shot 2020-04-23 at 4.19.33 PM.png [ 14698 ] |
If user was in the analyseslog when logged out it tries to direct them back to the analyses log but fails.
If user was in the search directory when logged out it tries to direct them back to their search but fails.
Seems like the redirect after logging out/in works correctly if the user is in their home directory, but is breaking in the shared/community directories and the analyses/search "directories".
The URLs when logged back in are correct, but there must be something wrong with the API call as they fail.
| Sprint | Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10, Spring 7 : 13 Apr to 24 Apr [ 90, 91, 92 ] | Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10, Spring 7 : 13 Apr to 24 Apr, Spring 8 : 24 Apr to 8 May [ 90, 91, 92, 93 ] |
| Rank | Ranked higher |
I have fixed the Shared, Community, Analyses for both breadcrumbs and left panel highlighting issues.
will fix the search issue with this ticket code changes.
https://jira.transvar.org/browse/IGBF-2355
bitbucket code changes link:
https://bitbucket.org/nfreese/django-cyversedev/pull-requests/156/igbf-2292_changes/diff
Could you please test and please let me know if you find anything breaks.
| Sprint | Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10, Spring 7 : 13 Apr to 24 Apr, Spring 8 : 24 Apr to 8 May [ 90, 91, 92, 93 ] | Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10, Spring 7 : 13 Apr to 24 Apr, Spring 8 : 24 Apr to 8 May, Spring 8 : 11 May to 25 May [ 90, 91, 92, 93, 94 ] |
| Rank | Ranked higher |
Tested on chaitanya.bioviz.org
Working:
Redirect is working for Shared, Community, Analysis, with breadcrumbs and left-panel appearing correctly.
Make public link: working correctly
Metadata: working correctly
Not working:
Analysis: Not appearing for files (such as bam).
View in IGB: Not appearing for any files.
Note: I think this is separate from this issue, but I noticed that if a file/folder has special characters, removing the public link is correctly removing anonymous (public) read access to the file, but the public link still appears to be functional. Testing on a file/folder with no special characters works correctly (if no public access, public url is immediately invalidated). We might want to test this further, as it could be an underlying issue with CyVerse, and may be important to point out to them.
| Link | This issue relates to IGBF-2380 [ IGBF-2380 ] |
Working:
Redirect is working for Shared, Community, Analysis, with breadcrumbs and left-panel appearing correctly.
Make public link: working correctly
Metadata: working correctly
Analysis: working correctly
View in IGB: working correctly
| Assignee | Chaitanya Kintali [ chaitanya ] | Nowlan Freese [ nfreese ] |
| Sprint | Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10, Spring 7 : 13 Apr to 24 Apr, Spring 8 : 24 Apr to 8 May, Spring 8 : 11 May to 25 May [ 90, 91, 92, 93, 94 ] | Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10, Spring 7 : 13 Apr to 24 Apr, Spring 8 : 24 Apr to 8 May, Spring 8 : 11 May to 25 May, Spring 9 : 25 May to 8 Jun [ 90, 91, 92, 93, 94, 95 ] |
| Rank | Ranked higher |
| Assignee | Nowlan Freese [ nfreese ] | Chaitanya Kintali [ chaitanya ] |
| Status | In Progress [ 3 ] | To-Do [ 10305 ] |
| Status | To-Do [ 10305 ] | In Progress [ 3 ] |
| Sprint | Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10, Spring 7 : 13 Apr to 24 Apr, Spring 8 : 24 Apr to 8 May, Spring 8 : 11 May to 25 May, Spring 9 : 25 May to 8 Jun [ 90, 91, 92, 93, 94, 95 ] | Spring 5 : 16 Mar to 27 Mar, Spring 6 : 30 Mar to Apr 10, Spring 7 : 13 Apr to 24 Apr, Spring 8 : 24 Apr to 8 May, Spring 8 : 11 May to 25 May, Spring 9 : 25 May to 8 Jun, Summer 1: 8 Jun - 19 Jun [ 90, 91, 92, 93, 94, 95, 96 ] |
| Rank | Ranked higher |
Discussion with Chaitanya:
After 16 hours we were removing user from Redis database. This was causing an issue with the log out, as once the user was removed from the redis database it was breaking the log out flow.
New approach: Redis database should keep track of user for 80 hours. After 16 hours (length of access token), the access token needs to be marked as invalidated. If the user tries to do something on the page, they will be redirected to the login page. Upon login, they will be redirected to previous working directory. If the user has not logged back in after 80 hours, they will be removed from the redis database. If they log in, they will be redirected to their home directory.
Pull Request Code Changes for the above behavior.
Also Need to change the redis expiry token in settings.ini to 288000 seconds.
| Status | In Progress [ 3 ] | Needs 1st Level Review [ 10005 ] |
| Status | Needs 1st Level Review [ 10005 ] | First Level Review in Progress [ 10301 ] |
| Status | First Level Review in Progress [ 10301 ] | Ready for Pull Request [ 10304 ] |
| Status | Ready for Pull Request [ 10304 ] | Pull Request Submitted [ 10101 ] |
| Status | Pull Request Submitted [ 10101 ] | Reviewing Pull Request [ 10303 ] |
| Status | Reviewing Pull Request [ 10303 ] | Merged Needs Testing [ 10002 ] |
| Status | Merged Needs Testing [ 10002 ] | Post-merge Testing In Progress [ 10003 ] |
| Assignee | Chaitanya Kintali [ chaitanya ] | Nowlan Freese [ nfreese ] |
Testing on Mac on chaitanya.bioviz.org on Firefox.
Using the logout URL to test: https://auth.cyverse.org/cas5/logout?service=https://chaitanya.bioviz.org/
User redirected successfully to prior location if in analyses log, home directory, shared, or community.
BioViz Connect breaks if the user is in Search when logged out. When I logged back in and it tried to redirect back to Search, it then logged me back out again and upon logging in went to connect.bioviz.org.
For the redis expiry, make sure we update the documentation for setting up the redis database.
| Assignee | Nowlan Freese [ nfreese ] | Chaitanya Kintali [ chaitanya ] |
| Status | Post-merge Testing In Progress [ 10003 ] | To-Do [ 10305 ] |
| Status | To-Do [ 10305 ] | In Progress [ 3 ] |
One Edge Case to keep in mind for future purposes.
1) Search for a file
2) Hit the logout URL in another tab
3) Refresh the page
The user is redirected to the login page and when logged back in the user is shown a new list of files. The root cause for this issue is the page cannot identify which section the user is currently in from the URL after a page refresh.
All other Scenario's are working as expected.
| Status | In Progress [ 3 ] | Needs 1st Level Review [ 10005 ] |
| Status | Needs 1st Level Review [ 10005 ] | First Level Review in Progress [ 10301 ] |
| Status | First Level Review in Progress [ 10301 ] | Ready for Pull Request [ 10304 ] |
| Status | Ready for Pull Request [ 10304 ] | Pull Request Submitted [ 10101 ] |
| Status | Pull Request Submitted [ 10101 ] | Reviewing Pull Request [ 10303 ] |
| Status | Reviewing Pull Request [ 10303 ] | Merged Needs Testing [ 10002 ] |
| Assignee | Chaitanya Kintali [ chaitanya ] |
| Status | Merged Needs Testing [ 10002 ] | Post-merge Testing In Progress [ 10003 ] |
| Assignee | Nowlan Freese [ nfreese ] |
| Resolution | Done [ 10000 ] | |
| Status | Post-merge Testing In Progress [ 10003 ] | Closed [ 6 ] |
Working correctly, closing issue.
| Assignee | Nowlan Freese [ nfreese ] | Chaitanya Kintali [ chaitanya ] |
Dr. Loraine pointed out that it would be nice if a user was returned to the same directory location when they logged back in after the token has expired.
Situation: User is in a directory, 16 hours has passed and the token expires. User is logged out and sent back to cyverse login page. User logs back in and instead of going to the base home directory, is redirected to whatever directory they were previously working in.
Thoughts: When the user is logged out and we send them to the cyverse login page (https://auth.cyverse.org/cas5/oauth2.0/authorize) we include a redirect URI. We may be able to set this as the user's current URI so that when they log back in they are sent to the directory where they were working.