Handle expired passwords Redfish standard way

A password can expire at any moment during session lifetime and bmcweb
starts returning 403 Forbidden errors to the requests made after that.
The response contains clear indication of the condition in the standard
`@Message.ExtendedInfo` attribute which is an array of Message objects.

Previously the code was trying to detect this condition by querying
AccountService after logging in but this approach doesn't work when
password expires mid-session. Also it was limited to BMC-managed
accounts and used hardcoded account URIs in violation of Redfish spec.

This patch adds to the interceptor of 403 error so that the user is
automatically redirected to the password change page as soon as the
condition is detected.

The same message is also present in the session creation POST response
201 if the password expired before the log in attempt, in this case the
session is created as usual but the user is automatically redirected to
password change page before any further requests are made.

Tested: logging in, navigating, logging out with non-expired password.
Logging in, navigating, then running `passwd -e <accountname>` via ssh
leads to functional password change page on the next request and then
navigating proceeds normally, and logging out too. If password is
expired before logging in the user gets redirected to the password
change page automatically after logging in.

Fixes: https://github.com/openbmc/webui-vue/issues/118
Change-Id: I03f5ee2526a4bb1d35d3bbea1142fea077d6bfed
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Signed-off-by: Surya Venkatesan <suryav@ami.com>
3 files changed
tree: d96637d3d47b2e989bbeb06f284c4c37e0091115
  1. .github/
  2. docs/
  3. public/
  4. src/
  5. tests/
  6. .browserslistrc
  7. .env.ibm
  8. .env.intel
  9. .eslintrc.js
  10. .gitattributes
  11. .gitignore
  12. .npmrc
  13. .shellcheck
  14. babel.config.js
  15. CONTRIBUTING.md
  16. format-code.sh
  17. jest.config.js
  18. LICENSE
  19. OWNERS
  20. package-lock.json
  21. package.json
  22. postcss.config.js
  23. README.md
  24. run-ci
  25. vue.config.js
README.md

webui-vue

webui-vue is a web-based user interface for the OpenBMC firmware stack built on Vue.js.

Hold on... What happened to phosphor-webui?

phosphor-webui was built on AngularJS and AngularJS went End of Life on June 30, 2021. This repository is its replacement.

When will this new Vue.js application reach feature parity with phosphor-webui?

A few, mostly minor, features remain for feature parity. See GitHub Issues label:phosphor-webui-feature-parity for the complete list.

What improvements does webui-vue have?

As mentioned, this application is built using Vue.js, a modern open-source Model-View-ViewModel JavaScript framework supported by an active community and strong documentation. It has been architected to allow organizations to easily update the theme to support their brand. This rewrite takes advantage of front-end development best practices and does not suffer from some of the anti-patterns that exist in phosphor-webui today.

Should I switch to webui-vue from phosphor-webui?

It is recommended you switch from phosphor-webui if you haven't already.

webui-vue has the following additional features:

  • Ability to easily theme to meet brand guidelines
  • Accessibility
  • Full Redfish
  • Improved user experience based on user feedback
  • Language translation-ready
  • Modern front-end framework with an active community and future development roadmap

How can I get involved?

Documentation

The documentation for coding standards and components is located in the docs directory. It is created using the VuePress static site generator. Information about how to write documentation can be found on the VuePress website.