From a0d12945661f2daa60dd1c245b0a94e4cfd43d9b Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jo@mein.io>
Date: Wed, 11 Sep 2019 09:30:00 +0200
Subject: [PATCH] luci-base: luci.js: register rpc interceptor to catch expired
 sessions

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
---
 .../htdocs/luci-static/resources/luci.js      | 58 +++++++++++++------
 1 file changed, 41 insertions(+), 17 deletions(-)

diff --git a/modules/luci-base/htdocs/luci-static/resources/luci.js b/modules/luci-base/htdocs/luci-static/resources/luci.js
index 0b9886680..687ac0e67 100644
--- a/modules/luci-base/htdocs/luci-static/resources/luci.js
+++ b/modules/luci-base/htdocs/luci-static/resources/luci.js
@@ -850,6 +850,25 @@
 			return (ft != null && ft != false);
 		},
 
+		notifySessionExpiry: function() {
+			Poll.stop();
+
+			L.ui.showModal(_('Session expired'), [
+				E('div', { class: 'alert-message warning' },
+					_('A new login is required since the authentication session expired.')),
+				E('div', { class: 'right' },
+					E('div', {
+						class: 'btn primary',
+						click: function() {
+							var loc = window.location;
+							window.location = loc.protocol + '//' + loc.host + loc.pathname + loc.search;
+						}
+					}, _('To login…')))
+			]);
+
+			L.raise('SessionError', 'Login session is expired');
+		},
+
 		setupDOM: function(res) {
 			var domEv = res[0],
 			    uiClass = res[1],
@@ -859,26 +878,31 @@
 
 			rpcClass.setBaseURL(rpcBaseURL);
 
-			Request.addInterceptor(function(res) {
-				if (res.status != 403 || res.headers.get('X-LuCI-Login-Required') != 'yes')
+			rpcClass.addInterceptor(function(msg, req) {
+				if (!L.isObject(msg) || !L.isObject(msg.error) || msg.error.code != -32002)
 					return;
 
-				Poll.stop();
-
-				L.ui.showModal(_('Session expired'), [
-					E('div', { class: 'alert-message warning' },
-						_('A new login is required since the authentication session expired.')),
-					E('div', { class: 'right' },
-						E('div', {
-							class: 'btn primary',
-							click: function() {
-								var loc = window.location;
-								window.location = loc.protocol + '//' + loc.host + loc.pathname + loc.search;
-							}
-						}, _('To login…')))
-				]);
+				if (!L.isObject(req) || (req.object == 'session' && req.method == 'access'))
+					return;
+
+				return rpcClass.declare({
+					'object': 'session',
+					'method': 'access',
+					'params': [ 'scope', 'object', 'function' ],
+					'expect': { access: true }
+				})('uci', 'luci', 'read').catch(L.notifySessionExpiry);
+			});
+
+			Request.addInterceptor(function(res) {
+				var isDenied = false;
+
+				if (res.status == 403 && res.headers.get('X-LuCI-Login-Required') == 'yes')
+					isDenied = true;
+
+				if (!isDenied)
+					return;
 
-				throw 'Session expired';
+				L.notifySessionExpiry();
 			});
 
 			return this.probeSystemFeatures().finally(this.initDOM);
-- 
2.25.1