Refs #2538. Loading js/configuration.js again. Only updating tokens on success and showing a basic warning if refresh fails.

git-svn-id: http://code.elgg.org/elgg/trunk@8719 36083f99-b078-4883-b0ff-0f9b5a30f544

1 files changed, 21 insertions, 1 deletions

diff --git a/js/lib/security.js b/js/lib/security.js
index f88c6165d..fa0a6f7ef 100644
--- a/js/lib/security.js
+++ b/js/lib/security.js
@@ -5,13 +5,15 @@ elgg.provide('elgg.security');
 
 elgg.security.token = {};
 
+elgg.security.tokenRefreshFailed = false;
+
 /**
  * Sets the currently active security token and updates all forms and links on the current page.
  *
  * @param {Object} json The json representation of a token containing __elgg_ts and __elgg_token
  * @return {Void}
  */
-elgg.security.setToken = function(json) {
+elgg.security.setToken = function(json) {	
 	//update the convenience object
 	elgg.security.token = json;
 
@@ -34,6 +36,24 @@ elgg.security.setToken = function(json) {
  */
 elgg.security.refreshToken = function() {
 	elgg.action('security/refreshtoken', function(data) {
+
+		// @todo might want to move this to setToken() once http://trac.elgg.org/ticket/3127
+		// is implemented. It's here right now to avoid soggy code.
+		if (!data || !(data.output.__elgg_ts && data.output.__elgg_token)) {
+			elgg.register_error(elgg.echo('js:security:token_refresh_failed', [elgg.get_site_url()]));
+			elgg.security.tokenRefreshFailed = true;
+
+			// don't setToken because we refresh every 5 minutes and tokens are good for 1
+			// hour by default
+			return;
+		}
+
+		// if had problems last time, let them know it's working now
+		if (elgg.security.tokenRefreshFailed) {
+			elgg.system_message(elgg.echo('js:security:token_refreshed', [elgg.get_site_url()]));
+			elgg.security.tokenRefreshFailed = false;
+		}
+		
 		elgg.security.setToken(data.output);
 	});
 };