django-openstack-auth

Don't ask already authenticated users to log in

Bug #1308637 reported by Julie Pichon
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
django-openstack-auth
Fix Released
Undecided
Julie Pichon
django-openstack-auth 1.1.6

Bug Description

At the moment, we have a bit of an inconsistency in how we handle already logged in users:

1. Before authenticating, go to https://my_dashboard/ : you are asked to enter your username and password
2. After authenticating, return to https://my_dashboard/ : you are redirected to the overview page (user home page)

However, the login page itself behaves differently:

1. Before authenticating, go to https://my_dashboard/auth/login : you are asked to enter your username and password
2. After authenticating, return to https://my_dashboard/auth/login : you are asked again to enter your username and password

This is misleading some users into believing they can have multiple Horizon sessions open at once in different projects or even with different users. It then causes issues when creating new resources as they do not get added in the project that was expected.

I'd like to suggest performing the same redirect when accessing the /auth/login page to help reduce the user confusion around this.

Tags: ux
Revision history for this message
Openstack Gerrit (openstack-gerrit) wrote : Fix proposed to django_openstack_auth (master)

Fix proposed to branch: master
Review: https://review.openstack.org/88019

Changed in django-openstack-auth:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to django_openstack_auth (master)

Reviewed: https://review.openstack.org/88019
Committed: https://git.openstack.org/cgit/openstack/django_openstack_auth/commit/?id=ee41e31b9a2f98128d35ad4d76cb81e124fb46ea
Submitter: Jenkins
Branch: master

commit ee41e31b9a2f98128d35ad4d76cb81e124fb46ea
Author: Julie Pichon <email address hidden>
Date: Wed Apr 16 17:16:00 2014 +0100

    Redirect the user if they're already logged in

    Similar to when the domain root url is accessed, if the user is
    already logged in do not show them the login page nor ask for their
    credentials. This avoids users being misled into thinking they can
    open multiple sessions in parallel, and is in line with how most web
    applications handle this.

    Change-Id: Ibd37b9c488d65cf54b156f23db4fa04f019d8092
    Closes-Bug: #1308637

Changed in django-openstack-auth:
status: In Progress → Fix Committed
Akihiro Motoki (amotoki)
Changed in django-openstack-auth:
milestone: none → 1.1.6
Akihiro Motoki (amotoki)
Changed in django-openstack-auth:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.