laurent22 / joplin

Joplin - the secure note taking and to-do app with synchronisation capabilities for Windows, macOS, Linux, Android and iOS.

Home Page:https://joplinapp.org

When MFA login fails, display an orange banner at the top of the screen

laurent22 opened this issue · comments

Operating system

Windows

Joplin version

3.0.0

Desktop version info

No response

Current behaviour

Currently when enabling MFA, the next sync operation is going to fail and it will just show this in the sidebar:

image

It's easy to miss it, so instead we should display a banner at the top (using renderNotificationMessage()) telling the user that they need to log in. Clicking on the banner should open the Joplin Cloud screen for login (just like when we click on the Synchronize button).

The same should apply to mobile

Expected behaviour

No response

Logs

No response

commented

I'm making a change that might be bigger than the issue seems to ask, but the issue is that when I was checking the implementation I realized that there are many places where the connection to Joplin Cloud can fail.

The current implementation of `isAuthenticated`, while useful to check if the user has any credentials, will return the wrong response if the credentials are invalid (MFA was enabled, or the application record was deleted on the website). This happened because the check to see if the user was authenticated was just seeing if a sessionId existed.

The problem was that while `isAuthenticated` would return true, we could see an error happen in the Synchronizer or inside of a call to `config-shared.checkSyncConfig`, meaning it was harder to be sure if the user was logged in or not.

My solution to fix this was to add a checkConfig inside the SyncTargetJoplinCloud.isAuthenticated, if we get a negative response I already redirect the user to JoplinCloudLoginScreen, avoiding the necessity of adding a banner to inform the user or keeping track of another state in the application.

There is one drawback: it will be harder for the user to see the error message returned by the server since it will only be present inside the log on console/generated by Logger

commented

I'm adding videos of how the implementation I did works:

First login (application without any state):

first_login.mp4

User was logged in, but credentials turned invalid (mfa was enabled or application was deleted on website):

credential_invalid.mp4

When Joplin Cloud is offline:

joplin_cloud_offline.mp4

Thanks for clarifying the situation, but regarding this:

> My solution to fix this was to add a checkConfig inside the SyncTargetJoplinCloud.isAuthenticated, if we get a negative response I already redirect the user to JoplinCloudLoginScreen, avoiding the necessity of adding a banner to inform the user or keeping track of another state in the application.

The problem is that synchronisation might fail in the background, so in that case we don't want to jump to the login screen without asking the user.

commented

> The problem is that synchronisation might fail in the background, so in that case we don't want to jump to the login screen without asking the user.

I don't think this will be a problem, I'm not going to change anything about synchronisation, I'm just making isAuthenticated more robust. I'm going to open a PR.

commented

PR: #10649
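
The distinction discussed in this thread, as an added example that is not part of the issue, the PR or Joplin's code: a stored session id alone versus a state validated against the server, combined with the point that a background sync failure should not navigate to the login screen. All type and function names are hypothetical, and treating HTTP 401/403 as "credentials rejected" is an assumption.

```typescript
// Added illustration; every name here is hypothetical, not Joplin's API.

// Result of one authenticated request to the sync server.
type Probe =
  | { reached: true; httpStatus: number } // the server answered
  | { reached: false };                   // network error or timeout

type AuthState = 'no_credentials' | 'authenticated' | 'credentials_rejected' | 'unreachable';
type Trigger = 'user_action' | 'background_sync';
type UiAction = 'none' | 'open_login_screen' | 'show_login_banner' | 'retry_later';

// The presence-only check described in the thread: true whenever a session id
// is stored, even if the server has invalidated it (MFA enabled, app deleted).
function hasStoredSession(sessionId: string | null): boolean {
  return !!sessionId;
}

// Combine the stored session with the probe result.
// Assumption: rejected credentials are reported as HTTP 401 or 403.
function classifyAuth(sessionId: string | null, probe: Probe): AuthState {
  if (!sessionId) return 'no_credentials';
  if (probe.reached === false) return 'unreachable';
  if (probe.httpStatus === 401 || probe.httpStatus === 403) return 'credentials_rejected';
  if (probe.httpStatus >= 200 && probe.httpStatus < 300) return 'authenticated';
  return 'unreachable'; // 5xx and similar: keep the session, try again later
}

// Only a check the user started may navigate; a failure found during
// background sync surfaces a banner the user can click instead.
function nextUiAction(state: AuthState, trigger: Trigger): UiAction {
  switch (state) {
    case 'authenticated':
      return 'none';
    case 'unreachable':
      return 'retry_later';
    case 'no_credentials':
    case 'credentials_rejected':
      return trigger === 'user_action' ? 'open_login_screen' : 'show_login_banner';
  }
}

// Constructed scenario: the session id is still stored, but the server now
// rejects it because MFA was enabled after login.
const constructedSessionId = 'constructed-session-id';
const afterMfaEnabled = classifyAuth(constructedSessionId, { reached: true, httpStatus: 403 });
```

An offline server and a rejected session end up in different states here, so a network outage never discards the session or prompts for login.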