Added force logout on CVAT app start if token is missing (#5331)

8705e236 · Kirill Lakhov · GitHub · 08dd27d9 · 8705e236 · 8705e236
6 changed file
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -78,6 +78,7 @@ non-ascii paths while adding files from "Connected file share" (issue #4428)
  (<https://github.com/opencv/cvat/issues/4839>)
 - Fixed job exporting (<https://github.com/opencv/cvat/pull/5282>)
 - Visibility and ignored information fail to be loaded (MOT dataset format) (<https://github.com/opencv/cvat/pull/5270>)
+- Added force logout on CVAT app start if token is missing (<https://github.com/opencv/cvat/pull/5331>)
 - Missed token with using social account authentication (<https://github.com/opencv/cvat/pull/5344>)

 ### Security

--- a/cvat-core/package.json
+++ b/cvat-core/package.json
 {
  "name": "cvat-core",
-  "version": "7.2.0",
+  "version": "7.2.1",
  "description": "Part of Computer Vision Tool which presents an interface for client-side integration",
  "main": "src/api.ts",
  "scripts": {

--- a/cvat-core/src/server-proxy.ts
+++ b/cvat-core/src/server-proxy.ts
@@ -456,7 +456,11 @@ class ServerProxy {
                }
            } catch (serverError) {
                if (serverError.code === 401) {
-                    removeToken();
+                    // In CVAT app we use two types of authentication,
+                    // So here we are forcing user have both credential types
+                    // First request will fail if session is expired, then we check
+                    // for precense of token
+                    await logout();
                    return false;
                }


--- a/cvat-ui/src/components/cvat-app.tsx
+++ b/cvat-ui/src/components/cvat-app.tsx
@@ -436,7 +436,7 @@ class CVATApplication extends React.PureComponent<CVATAppProps & RouteComponentP
                        <Route exact path='/auth/login' component={LoginPageContainer} />
                        <Route
                            exact
-                            path='/auth/login-with-token/:sessionId/:token'
+                            path='/auth/login-with-token/:token'
                            component={LoginWithTokenComponent}
                        />
                        <Route exact path='/auth/password/reset' component={ResetPasswordPageComponent} />

--- a/cvat-ui/src/components/login-with-token/login-with-token.tsx
+++ b/cvat-ui/src/components/login-with-token/login-with-token.tsx
 // Copyright (C) 2020-2022 Intel Corporation
+// Copyright (C) 2022 CVAT.ai Corporation
 //
 // SPDX-License-Identifier: MIT

 import React, { useEffect } from 'react';
 import { Redirect, useParams, useLocation } from 'react-router';
-import { useCookies } from 'react-cookie';

 export default function LoginWithTokenComponent(): JSX.Element {
    const location = useLocation();
-    const { sessionId, token } = useParams<{ sessionId: string; token: string }>();
-    const [cookies, setCookie] = useCookies(['sessionid', 'csrftoken']);
+    const { token } = useParams<{ token: string }>();

-    const expires1y = new Date(new Date().setFullYear(new Date().getFullYear() + 1));
-    const expires2w = new Date(new Date().setDate(new Date().getDate() + 13));
    const search = new URLSearchParams(location.search);

-    setCookie('sessionid', sessionId, { path: '/', expires: expires2w });
-    setCookie('csrftoken', token, { path: '/', expires: expires1y });
-
    useEffect(
-        () => () => {
-            window.location.reload();
+        () => {
+            localStorage.setItem('token', token);
+            return () => window.location.reload();
        },
-        [cookies.sessionid, cookies.csrftoken],
+        [token],
    );

-    if (cookies.sessionid && cookies.csrftoken) {
+    if (token) {
        return <Redirect to={search.get('next') || '/tasks'} />;
    }
    return <></>;

--- a/tests/cypress/integration/actions_users/issue_1810_login_logout.js
+++ b/tests/cypress/integration/actions_users/issue_1810_login_logout.js
@@ -66,10 +66,8 @@ context('When clicking on the Logout button, get the user session closed.', () =
                    password: Cypress.env('password'),
                },
            }).then(async (response) => {
-                const cookies = await response.headers['set-cookie'];
-                const csrfToken = cookies[0].match(/csrftoken=\w+/)[0].replace('csrftoken=', '');
-                const sessionId = cookies[1].match(/sessionid=\w+/)[0].replace('sessionid=', '');
-                cy.visit(`/login-with-token/${sessionId}/${csrfToken}?next=/tasks/${taskId}`);
+                const token = response.body.key;
+                cy.visit(`/auth/login-with-token/${token}?next=/tasks/${taskId}`);
                cy.contains('.cvat-task-details-task-name', `${taskName}`).should('be.visible');
            });
        });