LP#1774448 Auth poll spam/timing repairs

Avoid spamming the server with authentication session checks on bad poll
time values.  Specifically, never poll more often than once per minute
and avoid integer overflow on long authentication timeout values
(greater than about 24.8 days) resulting in the poll running with an
effective timeout of zero and spamming the server with API calls.

Signed-off-by: Bill Erickson <berickxx@gmail.com>
Signed-off-by: Jason Boyer <jboyer@library.in.gov>

diff --git a/Open-ILS/web/js/ui/default/staff/services/auth.js b/Open-ILS/web/js/ui/default/staff/services/auth.js
index b93b6b8..9048a34 100644 (file)
--- a/Open-ILS/web/js/ui/default/staff/services/auth.js
+++ b/Open-ILS/web/js/ui/default/staff/services/auth.js
@@ -286,6 +286,19 @@ function($q , $timeout , $rootScope , $window , $location , egNet , egHatch) {
             }
         }
 
+        // add a 5 second delay to give the token plenty of time
+        // to expire on the server.
+        var pollTime = service.authtime() * 1000 + 5000;
+
+        if (pollTime < 60000) {
+            // Never poll more often than once per minute.
+            pollTime = 60000;
+        } else if (pollTime > 2147483647) {
+            // Avoid integer overflow resulting in $timeout() effectively
+            // running with timeout=0 in a loop.
+            pollTime = 2147483647;
+        }
+
         $timeout(
             function() {
                 egNet.request(                                                     
@@ -304,9 +317,7 @@ function($q , $timeout , $rootScope , $window , $location , egNet , egHatch) {
                     }
                 })
             },
-            // add a 5 second delay to give the token plenty of time
-            // to expire on the server.
-            service.authtime() * 1000 + 5000
+            pollTime
         );
     }