Skip to content

Harden VNC UI setup API calls against expired auth redirects #231

Description

@jamesachurchill

Summary

The VNC setup UI should handle expired setup sessions cleanly when API calls return 401 or an HTML login redirect instead of the expected JSON payload.

Problem

Several VNC UI actions expect JSON from setup API endpoints:

  • VNC availability probing;
  • VNC install/repair;
  • reboot request after repair;
  • VNC clipboard read/write.

If the setup session expires, these calls can receive a 401 or a redirect to /login. Without explicit handling, the UI may attempt to parse the wrong response shape, surface a confusing error, or silently fail.

Proposed shape

  • Send Accept: application/json on VNC setup API calls.
  • Detect 401 responses.
  • Detect redirected responses whose final path is /login.
  • Show a clear expired-login message asking the user to refresh/sign in again.
  • Avoid continuing repair/reboot/poll loops after auth expiry is detected.

Acceptance criteria

  • VNC availability check surfaces a clear login-expired state on 401 or login redirect.
  • VNC repair action stops and shows a clear error on auth expiry.
  • Reboot request after repair stops and shows a clear error on auth expiry.
  • VNC clipboard read/write does not try to parse a login page as JSON.
  • Unit or component tests cover at least one 401 path and one redirected-login path.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions