1122- No state loss when re-authenticating
- Paulina Borowa (Unlicensed)
| Test Case #:1122 | Test Case Name:No state loss when re-authenticating |
System: OpenLMIS | Subsystem: blue |
Test case designed by: Paulina Borowa | Design Date:08.12.2016 |
Short description: Currently, when a user's authentication token expires they loose the state of the application because they are internally re-directed and have their cookies destroyed. To prevent this, the OpenLMIS-UI application should catch all 401 errors that are returned from the OpenLMIS Server. When this happens, OpenLMIS-UI will open the login screen as a modal window — allowing the user to re-authenticate. When a user successfully re-authenticates, the HTTP calls that received a 401 error should be retried. Angular-http-auth(https://github.com/witoldsz/angular-http-auth) is a library that can implement catching 401 errors and buffering/retrying the failed requests. The login modal will need to be moved into a bootbox modal. Acceptance Criteria
How to invalidate the user's token
|
|
Pre – conditions: |
Step | Action | Expected system response | Comment |
1 | Login to OpenLMIS | | |
2 | Navigate to a specific requisition eg http://test.openlmis.org/public/#/requisition/6167e65c-6f56-4aeb-bff5-fdfe84e01a21/fullSupply | Chrome:
| |
3 | Copy and paste the URL into another browser | ||
4 | Authenticate in new browser = View same requisition in another browser http://test.openlmis.org/public/#/requisition/6167e65c-6f56-4aeb-bff5-fdfe84e01a21/fullSupply | Firefox after login same view as in chrome:
| |
5 | Login to OpenLMIS | ||
6 | Open a requisition that is eg 'initiated' |
| |
| 7 | Invalidate the user's token |
| |
| 8 | Attempt to submit the requisition |
| |
| 9 | View login modal, and login (again) |
| |
| 10 | When requests complete, user should see requisition page, with the requisition's state set to 'Authorized' | appears success notification | |
OpenLMIS: the global initiative for powerful LMIS software