failed user login is not handled correctly #262

karenetheridge · 2020-09-24T21:40:08Z

As discussed in MM last week -- when the user enters an invalid password at the login page, the 401 response is being sent back to the browser which kicks up a default user auth form.

dustinryerson · 2020-10-12T17:37:06Z

This is being caused by the WWW-Authenticate header being returned in the response, which was added to the API here: joyent/conch-api#985

We should not be sending "Basic" as we do not recognize that type, but rather "Bearer" where the Authorization header is expected to contain a JWT. see joyent/conch-ui#262 (comment)

karenetheridge · 2020-10-14T16:00:30Z

I still think it's odd that the response (and its headers) is being seen by the browser rather than being captured by the js that made the request. The API does not structure its responses with the browser in mind.

dustinryerson · 2020-12-23T00:39:24Z

This issue has been resolved by joyent/conch-api#1042.

karenetheridge added bug Something isn't working wat Causes operator confusion labels Sep 24, 2020

bdelano assigned dustinryerson Oct 9, 2020

karenetheridge mentioned this issue Oct 13, 2020

fix authentication challenge returned on 401, 403 responses joyent/conch-api#1042

Merged

dustinryerson closed this as completed Dec 23, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

failed user login is not handled correctly #262

failed user login is not handled correctly #262

karenetheridge commented Sep 24, 2020

dustinryerson commented Oct 12, 2020

karenetheridge commented Oct 14, 2020

dustinryerson commented Dec 23, 2020

failed user login is not handled correctly #262

failed user login is not handled correctly #262

Comments

karenetheridge commented Sep 24, 2020

dustinryerson commented Oct 12, 2020

karenetheridge commented Oct 14, 2020

dustinryerson commented Dec 23, 2020