#389: do not allow return to profile during re-login (temporary solution)

2024-06-29 03:33:22 +05:30 · 2018-02-28 23:58:45 +02:00 · 2018-02-28 23:58:45 +02:00 · 64e9056730
commit 64e9056730
parent 9f926e42bc
2 changed files with 28 additions and 1 deletions
--- a/src/components/auth/actions.js
+++ b/src/components/auth/actions.js
@ -7,6 +7,7 @@ import loader from 'services/loader';
 import history from 'services/history';
 import { updateUser, acceptRules as userAcceptRules } from 'components/user/actions';
 import { authenticate, logoutAll } from 'components/accounts/actions';
+import { getActiveAccount } from 'components/accounts/reducer';
 import authentication from 'services/api/authentication';
 import oauth from 'services/api/oauth';
 import signup from 'services/api/signup';
@ -436,9 +437,20 @@ export function resetOAuth() {
 * @return {function}
 */
 export function resetAuth() {
-    return (dispatch: (Function | Object) => void) => {
+    return (dispatch: (Function | Object) => void, getSate: () => Object): Promise<void> => {
        dispatch(setLogin(null));
        dispatch(resetOAuth());
+        // ensure current account is valid
+        const activeAccount = getActiveAccount(getSate());
+
+        if (activeAccount) {
+            return Promise.resolve(dispatch(authenticate(activeAccount)))
+                .catch(() => {
+                    // its okay. user will be redirected to an appropriate place
+                });
+        }
+
+        return Promise.resolve();
    };
 }

--- a/tests-e2e/cypress/integration/invalid-refreshToken.test.js
+++ b/tests-e2e/cypress/integration/invalid-refreshToken.test.js
@ -23,6 +23,21 @@ describe('when user\'s token and refreshToken are invalid', () => {
        cy.contains('account preferences');
    });

+    it('should not allow to return to profile using toolbar', () => {
+        cy.visit('/');
+
+        cy.url().should('include', '/password');
+
+        cy
+            .get('[data-e2e-toolbar] a')
+            .contains('Ely.by')
+            .click();
+
+        // TODO: currently we can not skip redirect to /, but we will in future
+        cy.location('pathname', { timeout: 15000 }).should('eq', '/');
+        cy.url({ timeout: 15000 }).should('include', '/password');
+    });
+
    it('should allow select account', () => {
        // TODO: need a way to get valid token for one of the accounts
        cy.visit('/');