From bfc1e45a918ad6d993c483e2c49f96686517353a Mon Sep 17 00:00:00 2001 From: Riken Shah Date: Sat, 27 Mar 2021 23:43:00 +0530 Subject: [PATCH] password_change: Avoid unnecessary redirect to the login page. This commits adds on to 9884226f, which was added to handle a rare race condition that occurs when the session hash is not updated by the backend during the password change process. It handles a variant race situation where the request was initiated before/during the password change event and completed after it was completed. Hence, forcing the page to redirect to the login page. --- static/js/setup.js | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/static/js/setup.js b/static/js/setup.js index dc89dbeb5e..1171c0d318 100644 --- a/static/js/setup.js +++ b/static/js/setup.js @@ -7,9 +7,13 @@ import * as util from "./util"; // Miscellaneous early setup. export let password_change_in_progress = false; +export let last_password_change_start_time = null; export function set_password_change_in_progress(value) { password_change_in_progress = value; + if (value) { + last_password_change_start_time = new Date(); + } } $(() => { @@ -42,9 +46,21 @@ $(() => { return this.outerWidth(...args) || 0; }; + // Attach the time when the request was initiated to its XHR + // object. This allows us to detect race situations where a + // password change completed before we got a response that failed + // due to the ongoing password change. + $(document).ajaxSend((event, xhr) => { + xhr.initiatedTime = new Date(); + }); + // For some reason, jQuery wants this to be attached to an element. $(document).ajaxError((event, xhr) => { - if (password_change_in_progress) { + if ( + password_change_in_progress || + (last_password_change_start_time && + xhr.initiatedTime <= last_password_change_start_time) + ) { // The backend for handling password change API requests // will replace the user's session; this results in a // brief race where any API request will fail with a 401