Don't redirect to /login if authentication is required

We can just serve the login page in place.

src/lib/Hydra/Controller/User.pm

@@ -75,7 +75,7 @@ sub logout_GET {
 sub persona_login :Path('/persona-login') Args(0) {
     my ($self, $c) = @_;
     $c->stash->{json} = {};
-    die if $c->request->method ne "POST";
+    requirePost($c);
 
     my $assertion = $c->req->params->{assertion} or die;
 
@@ -85,10 +85,10 @@ sub persona_login :Path('/persona-login') Args(0) {
         { assertion => $assertion,
           audience => "http://localhost:3000/"
         });
-    Catalyst::Exception->throw("Did not get a response from Persona.") unless $response->is_success;
+    error($c, "Did not get a response from Persona.") unless $response->is_success;
 
     my $d = decode_json($response->decoded_content) or die;
-    Catalyst::Exception->throw("Persona says: $d->{reason}") if $d->{status} ne "okay";
+    error($c, "Persona says: $d->{reason}") if $d->{status} ne "okay";
 
     my $email = $d->{email} or die;
 
@@ -106,6 +106,16 @@ sub persona_login :Path('/persona-login') Args(0) {
     $c->set_authenticated($user);
 
     $c->stash->{json}->{result} = "ok";
+    $c->flash->{flashMsg} = "You are now signed in as <tt>" . $email . "</tt>";
+}
+
+
+sub persona_logout :Path('/persona-logout') Args(0) {
+    my ($self, $c) = @_;
+    $c->stash->{json} = {};
+    requirePost($c);
+    $c->flash->{flashMsg} = "You are no longer signed in." if $c->user_exists();
+    $c->logout;
 }
 
 

src/lib/Hydra/Helper/CatalystUtils.pm

@@ -89,7 +89,8 @@ sub getPreviousSuccessfulBuild {
 
 
 sub error {
-    my ($c, $msg) = @_;
+    my ($c, $msg, $status) = @_;
+    $c->response->status($status) if defined $status;
     $c->error($msg);
     $c->detach; # doesn't return
 }
@@ -97,8 +98,7 @@ sub error {
 
 sub notFound {
     my ($c, $msg) = @_;
-    $c->response->status(404);
+    error($c, $msg, 404);
-    error($c, $msg);
 }
 
 
@@ -113,8 +113,7 @@ sub backToReferer {
 sub requireLogin {
     my ($c) = @_;
     $c->session->{referer} = $c->request->uri;
-    $c->response->redirect($c->uri_for('/login'));
+    error($c, "This page requires you to sign in.", 403);
-    $c->detach; # doesn't return
 }
 
 
@@ -130,24 +129,21 @@ sub requireProjectOwner {
 
     requireLogin($c) if !$c->user_exists;
 
-    error($c, "Only the project members or administrators can perform this operation.")
+    error($c, "Only the project members or administrators can perform this operation.", 403)
         unless isProjectOwner($c, $project);
 }
 
 
 sub isAdmin {
     my ($c) = @_;
-
     return $c->user_exists && $c->check_user_roles('admin');
 }
 
 
 sub requireAdmin {
     my ($c) = @_;
-
     requireLogin($c) if !$c->user_exists;
-
+    error($c, "Only administrators can perform this operation.", 403)
-    error($c, "Only administrators can perform this operation.")
         unless isAdmin($c);
 }
 

src/root/layout.tt

@@ -121,12 +121,11 @@
             .fail(function() { bootbox.alert("Server request failed!"); });
         },
         onlogout: function() {
-          $.ajax({
+          $.post("[% c.uri_for('/persona-logout') %]")
-            type: 'POST',
+            .done(function(data) {
-            url: '/logout',
+              window.location.reload();
-            success: function(res, status, xhr) { window.location.reload(); },
+            })
-            error: function(xhr, status, err) { alert("Logout failure: " + err); }
+            .fail(function() { bootbox.alert("Server request failed!"); });
-          });
         }
       });