view · edit · sidebar · attach · print · history

Index>

20161123-davaz-rack

Summary

Commits

Index

Convert davaz.com to use SBSM 1.3.1 with rack

Looking at the unit tests which demand a logged in user, e.g. test/feature/new_art_object_test.rb, which reports Could not log in. Login-Field must no longer be present!.

The login is triggered via a session running inside the DRB-Server test/davaz. Each time the session is initialize a different key is presented. This is not correct.

Comparing the result of the login form I see that both on davaz.com and in the unit tests they have a body with {"success":true} and the sbsm persistent cookie contains the fields remember, name and language.

But during the unit tests, the next step is not to display the logged in http://davaz.com/en/gallery/gallery, but to return to the home state. The persistent_user_input is not shared correctly between der Rack-Part and ther DRB-Server.

Found the culprit: SBSM till now always allowed it to override the name of the persistent cookie by setting the constant PERSISTENT_COOKIE_NAME, which is in this case "davaz.com-preferences". But in my Rack-Implementation I overwrote it in lib/sbsm/app.rb wiht "cookie-persistent-sbsm-1.3.1". Added a unit test for it.

Now it looks as if the variables passed via cookie are stored and retrieved correctly. But the long URL (/en/admin?login_email=right%40user.ch&login_password=abcd&remember_me=1&flavor=&language=en&event=login&state_id=47299269148920&fragment=) for the login is not handled correctly. Also I don't think it is a good idea to pass the password in cleartext in the URL.

Now the the login dialog vanishes, but the login is not succesfull, as we still see the "Login" link at the bottom. But in the Log I find the line app.rb:352:in `login' res for right@user.ch is #<DaVaz::Stub::User:0x0055e717e93258>, which means that the app could login correctly. But advancing the state does not yet work.

Pushed commit Use Cookiename from app

view · edit · sidebar · attach · print · history
Page last modified on November 23, 2016, at 06:05 PM