Switch from respond_with_navigational to redirect_to
This replaces respond_with_navigational
with redirect_to
when
redirecting to the sign-in form after a failed sign-in attempts.
There seems to be an issue with respond_with_navigational
that prevents
feature flags and other properties like the ArkoseLabs public key from being pushed to the frontend. This issue does not
seem to happen when using redirect_to.
Changelog: fixed
How to reproduce this?
- Checkout the
master
branch. - Enable the echo
arkose_labs_login_challenge
feature flag:echo "Feature.enable(:arkose_labs_login_challenge)" | rails c
- Expose the
ARKOSE_LABS_PUBLIC_KEY
and restart the GDK in the same terminal:export ARKOSE_LABS_PUBLIC_KEY="9F5BDFCD-E895-43B5-8D96-B24E0107B685" gdk restart
- Apply the following patch to force the ArkoseLabs token verification to fail:
diff --git a/ee/app/services/arkose/user_verification_service.rb b/ee/app/services/arkose/user_verification_service.rb index 7aa9d540844..1b4aaddd25e 100644 --- a/ee/app/services/arkose/user_verification_service.rb +++ b/ee/app/services/arkose/user_verification_service.rb @@ -12,6 +12,7 @@ def initialize(session_token:, user:) end def execute + return false response = Gitlab::HTTP.perform_request(Net::HTTP::Post, VERIFY_URL, body: body).parsed_response logger.info(build_message(response))
- Sign-out of your running GDK instance.
- Try to sign-in with valid credential.
- You should see the
Login failed. Please retry from your primary device and network.
error. - In the browser's console, you should see the following error:
index.js?fec1:3 Uncaught TypeError: Cannot read properties of undefined (reading 'arkoseLabsLoginChallenge')
- Executing
gon.features
in the brower's console returnsundefined
.
- You should see the
- Checkout this branch and repeat steps 4 to 6.
- You should still see the
Login failed. Please retry from your primary device and network.
error. - In the console, there should be no uncaught TypeError.
- You should see the enabled feature flags when executing
gon.features
in the console.
- You should still see the
Edited by Paul Gascou-Vaillancourt