Merge pull request #995 from ushahidi/master

Master
ushahidi · Feb 15, 2018 · d600d19 · d600d19
2 parents 3d000b7 + 7147914
commit d600d19
Showing 1 changed file with 21 additions and 18 deletions.
diff --git a/app/common/auth/authentication-interceptor.config.js b/app/common/auth/authentication-interceptor.config.js
@@ -80,15 +80,7 @@ function AuthInterceptor($rootScope, $injector, $q, CONST, Session, _) {
     function request(config) {
         var deferred = $q.defer();
 
-        if (_.has(config, 'params') && config.params.ignore403) {
-            delete config.params.ignore403;
-            config.ignorable = true;
-        }
-
-        if (config.url.indexOf('oauth/token') !== -1) {
-            config.ignorable = true;
-        }
-
+        config.ignorable = shouldIgnoreAuthError(config);
 
         if (config.url.indexOf(CONST.API_URL) === -1) {
             deferred.resolve(config);
@@ -106,20 +98,12 @@ function AuthInterceptor($rootScope, $injector, $q, CONST, Session, _) {
             config.headers.Authorization = 'Bearer ' + accessToken;
 
         }
-        // else {
-        //     // We are going to attempt to send the request without
-        //     // any access token in it.
-        //     // If the operation fails because authentication/
-        //     // authorization is needed, we will handle in
-        //     // responseError() below
-        // }
         deferred.resolve(config);
         return deferred.promise;
     }
 
     function responseError(rejection) {
         var deferred = $q.defer();
-
         // When a request is rejected there are
         // a few possible reasons. If its a 401
         // either our token expired, or we didn't have one.
@@ -165,10 +149,29 @@ function AuthInterceptor($rootScope, $injector, $q, CONST, Session, _) {
                 $rootScope.$broadcast('event:forbidden');
             }
             deferred.reject(rejection);
-        // For anything else, just forward the rejection
+            // For anything else, just forward the rejection
         } else {
             deferred.reject(rejection);
         }
         return deferred.promise;
     }
+
+    /**
+     * Returns true if url is ignorable, false if not
+     * @param config
+     */
+    function shouldIgnoreAuthError(config) {
+        var isIgnorable = false;
+        if (_.has(config, 'params') && config.params.ignore403) {
+            delete config.params.ignore403;
+            isIgnorable = true;
+        }
+        var i = 0;
+        var matchers = ['/oauth/token(/|$)', '/users(/|$)([0-9]+|$)', '/roles(/|$)'];
+        while (isIgnorable === false && i < matchers.length) {
+            isIgnorable = !!config.url.match(matchers[i]);
+            i++;
+        }
+        return isIgnorable;
+    }
 }