root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Clear management auth storage when redirecting to login 

This branch redirects the client to the login page when the cookie
expires. To complete the logout process we should also clear any auth
data stored in local storage: local storage has no built-in expiration
mechanism.

To test this locally you can use `make run-broker`, set the session
timeout to one minute for quick testing:

    application:set_env(rabbitmq_management, login_session_timeout, 1)

go to the management page (`http://localhost:15672/#/`), login with
default credentials and wait a minute. After this change the local
storage only contains info like `rabbitmq.vhost` and `rabbitmq.version`.
This commit is contained in:
Michael Davis 2025-05-28 12:34:51 -04:00
parent 924b451b73
commit 2a1b65df17
No known key found for this signature in database
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
deps/rabbitmq_management/priv/www/js/main.js vendored
View File

@ -1316,7 +1316,8 @@ function update_status(status) {
function with_req(method, path, body, fun) {
if(!has_auth_credentials()) {
// navigate to the login form
// Clear any lingering auth settings in local storage and navigate to the login form.
clear_auth();
location.reload();
return;
}