From 12a3593dea3e108bc6f784f11a5571dced094274 Mon Sep 17 00:00:00 2001 From: Kasper Garnaes Date: Wed, 11 Mar 2020 23:39:54 +0100 Subject: [PATCH] 4799: Authenticate react users via token availability - not SSO login We currently have two ways of authenticating users from Adgangsplatformen against FBS: 1. SSO login. This occurs for most users 2. Certain users without CPR. These get the user id and password from Adgangsplatformen and perform a normal authentication. Both approaches will result in a user getting a valid token to use With React components. However for the second type of users ding_user_is_logged_in_with_sso() will return false. This results in an inconsistent state where window.ddbReact.userAuthenticated is false while window.ddbReact.setToken() is called with a valid token. To address this situation and make React components work for both types of users we base both userAuthenticated and setToken() solely on the existence of a token. --- modules/ding_react/ding_react.module | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/modules/ding_react/ding_react.module b/modules/ding_react/ding_react.module index 9fbbc8aa6d..6f7904f725 100644 --- a/modules/ding_react/ding_react.module +++ b/modules/ding_react/ding_react.module @@ -315,12 +315,13 @@ function ding_react_user_js() { drupal_add_http_header('Content-Type', 'application/javascript'); echo "window.ddbReact = window.ddbReact || {};\n"; - $authenticated = ding_user_is_logged_in_with_sso() ? 'true' : 'false'; - echo sprintf("window.ddbReact.userAuthenticated = %s;\n", $authenticated); - $token = ding_provider_invoke('openplatform_token', 'get'); + if ($token) { + echo sprintf("window.ddbReact.userAuthenticated = true;\n"); echo sprintf("window.ddbReact.setToken('%s');\n", $token); + } else { + echo sprintf("window.ddbReact.userAuthenticated = false;\n"); } drupal_exit();