Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LIMS-1163: Improve error message when token is invalid #702

Merged
merged 7 commits into from
Jan 10, 2024
Merged

LIMS-1163: Improve error message when token is invalid #702

merged 7 commits into from
Jan 10, 2024

Conversation

ndg63276
Copy link
Collaborator

@ndg63276 ndg63276 commented Dec 5, 2023

JIRA ticket: LIMS-1163

Summary:

Users complain of not being allowed to print an air waybill after booking a shipment into Diamond.

Changes:

  • Specify in the error message generated whether this is because the one time token is too old, or non-existent
  • Add user agent and timestamp to the error message generated
  • Allow increasing of 10 second age limit with an optional config variable

To test:

  • Generate an AWB for a shipment, check can view it from the shipment page
  • Set a $max_token_age = -1 config variable and check the error generated (delete it afterwards)
  • View a visit pdf report and CSV download from /visits page, as these also use the sign function

@ndg63276 ndg63276 changed the title Improvement/lims 1163/improve error message when token is invalid LIMS-1163: Improve error message when token is invalid Dec 5, 2023
MattPrit
MattPrit previously requested changes Dec 14, 2023
View reviewed changes
api/src/Controllers/AuthenticationController.php Outdated Show resolved Hide resolved
api/src/Controllers/AuthenticationController.php Outdated
@@ -178,13 +187,21 @@ private function processOneTimeUseTokens(): bool
$need_auth = false;
$this->dataLayer->deleteOneTimeUseToken($tokenId);
}
else
{
$err = 'Authorisation token not valid for this URL.';
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure that we would want to tell the user this. Perhaps we should, if a valid token is not found, return a more generic message to the user, e.g. "Invalid one-time authorization token, please go back and try again...", but log the reason internally.

api/src/Controllers/AuthenticationController.php Outdated Show resolved Hide resolved
@MattPrit MattPrit requested review from gfrn and removed request for MattPrit January 9, 2024 15:40
@ndg63276 ndg63276 merged commit 344aa1c into prerelease Jan 10, 2024
2 checks passed
@ndg63276 ndg63276 deleted the improvement/LIMS-1163/improve-error-message-when-token-is-invalid branch January 10, 2024 16:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gfrn gfrn gfrn approved these changes

@MattPrit MattPrit MattPrit left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ndg63276 @gfrn @MattPrit