Switch to standard Redfish auth endpoint
To be able to talk to a Redfish-compliant implementation webui should
switch from old non-standard login and logout endpoints to creating a
Session via an appropriate POST request and to DELETE it on logout. This
also gives us standard Session object with all the relevant parameters
which allows the frontend to know what session it's using, what
permissions it has etc.
This works against bmcweb which checks for the presence of
webui-vue-specific "X-Requested-With" header in the request and provides
cookies in addition to the Redfish authentication token in the header.
Tested: logging in, logging out, navigating the pages, reloading the
page doesn't require logging in (if the session isn't expired),
WebSocket connections work.
Change-Id: I9d6159850b109a658b8f980637653e7e4576058b
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
diff --git a/src/store/modules/Authentication/AuthenticanStore.js b/src/store/modules/Authentication/AuthenticanStore.js
index 2006661..3ad41c6 100644
--- a/src/store/modules/Authentication/AuthenticanStore.js
+++ b/src/store/modules/Authentication/AuthenticanStore.js
@@ -10,21 +10,28 @@
authError: false,
xsrfCookie: Cookies.get('XSRF-TOKEN'),
isAuthenticatedCookie: Cookies.get('IsAuthenticated'),
+ sessionURI: localStorage.getItem('sessionURI'),
},
getters: {
consoleWindow: (state) => state.consoleWindow,
authError: (state) => state.authError,
isLoggedIn: (state) => {
+ // We might have gotten XSRF-TOKEN (and HttpOnly SESSION cookie) by Mutual TLS authentication,
+ // without going through explicit Session creation
return (
state.xsrfCookie !== undefined || state.isAuthenticatedCookie == 'true'
);
},
+ // Used to authenticate WebSocket connections via subprotocol value
token: (state) => state.xsrfCookie,
},
mutations: {
- authSuccess(state) {
+ authSuccess(state, { session }) {
state.authError = false;
state.xsrfCookie = Cookies.get('XSRF-TOKEN');
+ // Preserve session data across page reloads and browser restarts
+ localStorage.setItem('sessionURI', session);
+ state.sessionURI = session;
},
authError(state, authError = true) {
state.authError = authError;
@@ -35,30 +42,33 @@
localStorage.removeItem('storedUsername');
state.xsrfCookie = undefined;
state.isAuthenticatedCookie = undefined;
+ localStorage.removeItem('sessionURI');
+ state.sessionURI = null;
+ state.consoleWindow = false;
},
- setConsoleWindow: (state, window) => (state.consoleWindow = window),
},
actions: {
login({ commit }, { username, password }) {
commit('authError', false);
return api
- .post('/login', {
- username: username,
- password: password,
+ .post('/redfish/v1/SessionService/Sessions', {
+ UserName: username,
+ Password: password,
})
- .then(() => commit('authSuccess'))
+ .then((response) => {
+ commit('authSuccess', {
+ session: response.headers['location'],
+ });
+ })
.catch((error) => {
commit('authError');
throw new Error(error);
});
},
- logout({ commit }) {
+ logout({ commit, state }) {
api
- .post('/logout', { data: [] })
- .then(() => {
- commit('setConsoleWindow', false);
- commit('logout');
- })
+ .delete(state.sessionURI)
+ .then(() => commit('logout'))
.then(() => router.push('/login'))
.catch((error) => console.log(error));
},