Related to #626 When authentication expires after some time, users see "Connection lost" and must refresh the page to see "Authentication required". This commit implements automatic redirect to login when authentication expires. Changes: - Add authentication check to WebSocket endpoint to prevent unauthenticated WebSocket connections - Handle WebSocket close with code 1008 (policy violation) as auth failure and redirect to login - Intercept 401 responses on API calls (except initial auth checks) and automatically redirect to login page - Clear stored credentials and set logout flag before redirect to ensure clean login flow This provides a better user experience by immediately redirecting to the login page when the session expires, rather than showing a confusing "Connection lost" message that requires manual page refresh. |
||
|---|---|---|
| .. | ||
| alerts.go | ||
| alerts_test.go | ||
| auth.go | ||
| auth_scope_test.go | ||
| bootstrap_token.go | ||
| config_handlers.go | ||
| config_handlers_auto_register_test.go | ||
| config_handlers_cluster_test.go | ||
| config_handlers_setup_script_test.go | ||
| csrf_store.go | ||
| demo_middleware.go | ||
| diagnostics.go | ||
| DO_NOT_EDIT_FRONTEND_HERE.md | ||
| docker_agents.go | ||
| docker_metadata.go | ||
| frontend_embed.go | ||
| guest_metadata.go | ||
| host_agents.go | ||
| host_agents_test.go | ||
| http_metrics.go | ||
| middleware.go | ||
| notifications.go | ||
| oidc_handlers.go | ||
| oidc_service.go | ||
| rate_limit_config.go | ||
| rate_limit_config_test.go | ||
| ratelimit.go | ||
| README.md | ||
| recovery_tokens.go | ||
| router.go | ||
| router_integration_test.go | ||
| security.go | ||
| security_oidc.go | ||
| security_setup_fix.go | ||
| security_setup_fix_test.go | ||
| security_test.go | ||
| security_tokens.go | ||
| security_tokens_test.go | ||
| session_store.go | ||
| system_settings.go | ||
| types.go | ||
| updates.go | ||
Internal API Package
This directory contains the API server implementation for Pulse.
Important Note About frontend-modern/
The frontend-modern/ subdirectory that appears here is:
- AUTO-GENERATED during builds
- NOT the source code - just a build artifact
- IN .gitignore - never committed
- REQUIRED BY GO - The embed directive needs it here
Frontend Development Location
👉 Edit frontend files at: /opt/pulse/frontend-modern/src/
Why This Structure?
Go's //go:embed directive has limitations:
- Cannot use
../paths to access parent directories - Cannot follow symbolic links
- Must embed files within the Go module
This is a known Go limitation and our structure works around it.