SigNoz / signoz

SigNoz is an open-source observability platform native to OpenTelemetry with logs, traces and metrics in a single application. An open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open source Application Performance Monitoring (APM) & Observability tool

Home Page: https://signoz.io


improve user login experience when access updated

prashant-shahi opened this issue · comments

Summary

When access is updated for a user in the project, the updated user has to log out and log back in to reflect the change in access.

How to reproduce

  1. Log in with a Viewer-level user
  2. In another tab, log in with an admin user and update the access of the viewer-level user to Editor/Admin
  3. Switch back to the viewer-level user's tab and use the UI

Additional context

NA

commented

Can I work on the backend part of this issue?

commented

I went through the codebase regarding this issue and realized that this is not just a user experience issue, it's also a security issue.
Please assign me this issue, I want to work on this.
@prashant-shahi ?

@KJ1010G Assigned to you. Do let us know when you have a draft ready to be reviewed, or if you face any issues or have any doubts.

commented

Thanks!
I opened one pull request which I believe solves part of the problem.
More work needs to be done but that work relies on the availability of cache in signoz deployments.

```go
var c cache.Cache
if serverOptions.CacheConfigPath != "" {
	cacheOpts, err := cache.LoadFromYAMLCacheConfigFile(serverOptions.CacheConfigPath)
	if err != nil {
		return nil, err
	}
	c = cache.NewCache(cacheOpts)
}
```

Above is code from queryservice/app/server.go

Is this CacheConfigPath always set in deployments, @prashant-shahi?

I am thinking of using cache to maintain a list of recently revoked access tokens.

@makeavish or someone from the team should be getting back to you soon.

commented

The way I am thinking of solving this issue is...

  1. Cross check refresh token based logins (PR above does that)
  2. On edit-role and delete-user API calls, create a cache entry with the key being the userID and the value being the new group, or 'deleted'. The TTL of this cache entry is 30 mins (the access token validity time). In case an admin is deleted or demoted, also revoke all their PATs, if any.
  3. On every request, when we fetch user details from access tokens, we check the cache for whether the key of that ID is present. If present, and the group from the access token does not match the cache value, we send the user an ErrorTokenExpired response so the frontend tries to log in again using refresh tokens and gets updated tokens.
  4. On the login response, add a new field called "oldRole". If it is not empty, it means access has been recently updated. The frontend can use this to inform the user of the change and do whatever else is necessary to make for a good user experience.

Please let me know if this is a viable approach, or if there is a better way of doing this, or if I missed anything. @prashant-shahi @makeavish @YounixM @srikanthccv
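As an added illustration of steps 2 and 3 of the approach above (and of why the entry TTL is tied to the access-token lifetime), this is example code written for this page, not code from the SigNoz repository or from the linked PR. It models the role-change cache keyed by user ID, the two write paths (edit role, delete user) and the per-request check that rejects an access token whose group no longer matches what the cache says. The names `AccessTokenClaims`, `RevocationCache`, `ValidateClaims`, `ErrTokenExpired`, the group strings and the in-memory map standing in for the deployment's cache are all assumptions made for the example; SigNoz's real claim set, cache backend and error type are not reproduced here.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
	"time"
)

// ErrTokenExpired is the hypothetical error the request middleware returns so
// the client falls back to a refresh-token login and receives fresh claims.
var ErrTokenExpired = errors.New("access token no longer valid: re-authenticate")

// DeletedMarker is stored instead of a group when the user has been removed.
const DeletedMarker = "deleted"

// AccessTokenClaims is the subset of claims this example assumes an access
// token carries (an assumption, not SigNoz's real claim layout).
type AccessTokenClaims struct {
	UserID string
	Group  string // constructed values used below: "VIEWER", "EDITOR", "ADMIN"
}

// roleChange is the cache value: the group the user now has (or DeletedMarker)
// and when the entry may be dropped.
type roleChange struct {
	Group     string
	ExpiresAt time.Time
}

// RevocationCache is a minimal in-memory, TTL-bounded stand-in for whatever
// cache backend the deployment provides. The TTL must equal the access-token
// validity: every token issued before the change has expired by then, and any
// token issued after it already carries the new group.
type RevocationCache struct {
	mu      sync.Mutex
	entries map[string]roleChange
	ttl     time.Duration
	now     func() time.Time // injectable clock so expiry can be tested
}

func NewRevocationCache(accessTokenTTL time.Duration) *RevocationCache {
	return &RevocationCache{
		entries: make(map[string]roleChange),
		ttl:     accessTokenTTL,
		now:     time.Now,
	}
}

// RecordRoleChange is what the edit-role handler would call (step 2).
func (c *RevocationCache) RecordRoleChange(userID, newGroup string) {
	c.mu.Lock()
	defer c.mu.Unlock()
	c.entries[userID] = roleChange{Group: newGroup, ExpiresAt: c.now().Add(c.ttl)}
}

// RecordDeletion is what the delete-user handler would call (step 2).
// Revoking the user's PATs is a separate store and is out of scope here.
func (c *RevocationCache) RecordDeletion(userID string) {
	c.RecordRoleChange(userID, DeletedMarker)
}

// lookup returns the live entry for a user, dropping it lazily once the TTL
// has passed.
func (c *RevocationCache) lookup(userID string) (roleChange, bool) {
	c.mu.Lock()
	defer c.mu.Unlock()
	entry, ok := c.entries[userID]
	if !ok {
		return roleChange{}, false
	}
	if !c.now().Before(entry.ExpiresAt) {
		delete(c.entries, userID)
		return roleChange{}, false
	}
	return entry, true
}

// Len reports how many un-expired entries remain (handy for tests and metrics).
func (c *RevocationCache) Len() int {
	c.mu.Lock()
	defer c.mu.Unlock()
	return len(c.entries)
}

// ValidateClaims is the per-request check from step 3: a token is accepted
// unless the cache says the user was deleted or now belongs to another group.
func ValidateClaims(c *RevocationCache, claims AccessTokenClaims) error {
	entry, found := c.lookup(claims.UserID)
	if !found {
		return nil // no recent change recorded; the token's group is current
	}
	if entry.Group == DeletedMarker || entry.Group != claims.Group {
		return ErrTokenExpired
	}
	return nil
}

func main() {
	cache := NewRevocationCache(30 * time.Minute)
	viewerToken := AccessTokenClaims{UserID: "user-42", Group: "VIEWER"} // constructed
	fmt.Println("before change:", ValidateClaims(cache, viewerToken))
	cache.RecordRoleChange("user-42", "EDITOR") // admin promotes the user in another tab
	fmt.Println("stale token:  ", ValidateClaims(cache, viewerToken))
	fmt.Println("fresh token:  ", ValidateClaims(cache, AccessTokenClaims{UserID: "user-42", Group: "EDITOR"}))
}
```

Two design points worth noting: the check is deliberately fail-open when no entry exists, so a deployment without the cache simply keeps today's behaviour (which is what the question about `CacheConfigPath` above is really about); and the entry TTL and the access-token lifetime must come from the same configuration value, because raising the token lifetime without raising the TTL would let a stale token outlive its cache entry.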

Hi @KJ1010G : Thanks for sharing the PR. Let us go through the approach and get back to you with an update.

@vikrantgupta25 : Did you get a chance to look at the approach shared by @KJ1010G ?

Will need some time to review the approach and changes; will get back on the same, @KJ1010G.