Page MenuHomePhabricator
Create Task
Maniphest T71691

Ability to recover from an Expired session (badtoken)
Closed, ResolvedPublic
Actions

Description

Reports of user getting the badtoken API error. This was traced back by the user to the user's session having expired during the steps of the upload.

The wizard (and much of our JS/API/UI btw) does not really handle expired sessions nicely, probably an area where we need to improve. I believe we have an 'assert' for this on the API nowadays ? Perhaps it needs to be used by the UW api calls.

https://commons.wikimedia.org/wiki/Commons:Upload_Wizard_feedback#Internal_error:_bad_token

Version: master
Severity: normal

Details

Reference
bz69691
SubjectRepoBranchLines +/-
Really recover from 'badtoken' error when uploadingmediawiki/extensions/UploadWizardwmf/1.26wmf22+11 -0
Really recover from 'badtoken' error when uploadingmediawiki/extensions/UploadWizardmaster+11 -0
Recover from 'badtoken' error when uploadingmediawiki/extensions/UploadWizardmaster+9 -0
mediawiki.api: Add #badToken for invalidating bad cached tokensmediawiki/coremaster+45 -7
Customize query in gerrit

Related Objects
Search...

Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 3:39 AM
bzimport added a project: UploadWizard.
bzimport set Reference to bz69691.
bzimport added a subscriber: Unknown Object (MLST).
TheDJ created this task.Aug 18 2014, 12:23 PM
Tgr added a comment.Aug 18 2014, 1:01 PM

I don't see how an assert would help (unless you are on a wiki which allows anonymous uploads).

TheDJ added a comment.Aug 18 2014, 1:34 PM

I think what the user here is after is consistency. So if he enters as a logged in user, he expects to upload and finish all the steps as a user as well. So when we start, check if user is logged in, if he is, add "assert=user", if assert fails, see if we can help the user log in again.

Tgr added a comment.Aug 18 2014, 1:40 PM

Anonymous uploads are disallowed though (actually UW does not work without logging in even if you allow them - that's a separate bug), so AFAIK the only difference an assert makes is that the API error will be assertuserfail instead of badtoken.

A more helpful error message linking (with target=_blank) to the login page would certainly be helpful.

Nemo_bis added a comment.Aug 28 2014, 4:05 PM

Maybe something like bug 69314 can be done in UploadWizard as well?

See also bug 69596.

Gilles triaged this task as Medium priority.Nov 24 2014, 2:04 PM
Gilles subscribed.
Gilles added a project: Multimedia.Nov 24 2014, 3:16 PM
Tgr merged a task: T77822: Renew token on badtoken error.Dec 30 2014, 10:07 PM
Tgr added subscribers: Aklapper, MingleTerminator.
Tgr unsubscribed.
Tgr subscribed.
Gilles added a parent task: T91652: Address technical issues responsible for funnel drop-offs in UploadWizard.Mar 6 2015, 5:39 AM
Steinsplitter added a project: Commons.Mar 13 2015, 6:38 PM
Steinsplitter moved this task from Incoming to Uploading on the Commons board.
Tgr added a subtask: T94099: Rewrite mw.FormDataTransport.js to make use of mw.Api.Apr 2 2015, 1:52 PM
matmarex renamed this task from Ability to recover from an Expired session to Ability to recover from an Expired session (badtoken).Apr 30 2015, 11:42 PM
matmarex set Security to None.
matmarex edited subscribers, added: matmarex; removed: MingleTerminator, Unknown Object (MLST).
matmarex claimed this task.Apr 30 2015, 11:54 PM

Wow, this really should have had higher priority.

gerritbot subscribed.May 1 2015, 12:05 AM

Change 208043 had a related patch set uploaded (by Bartosz Dziewoński):
mediawiki.api: Add #badToken for invalidating bad cached tokens

https://gerrit.wikimedia.org/r/208043

gerritbot added a project: Patch-For-Review.May 1 2015, 12:05 AM

Change 208044 had a related patch set uploaded (by Bartosz Dziewoński):
Recover from 'badtoken' error when uploading

https://gerrit.wikimedia.org/r/208044

Gilles unsubscribed.May 4 2015, 9:40 AM
Jdforrester-WMF raised the priority of this task from Medium to High.May 5 2015, 3:57 PM
gerritbot added a comment.May 5 2015, 7:01 PM

Change 208043 merged by jenkins-bot:
mediawiki.api: Add #badToken for invalidating bad cached tokens

https://gerrit.wikimedia.org/r/208043

matmarex mentioned this in rMW7b05096bcae0: mediawiki.api: Add #badToken for invalidating bad cached tokens.May 5 2015, 7:01 PM
gerritbot added a comment.May 5 2015, 7:19 PM

Change 208044 merged by jenkins-bot:
Recover from 'badtoken' error when uploading

https://gerrit.wikimedia.org/r/208044

matmarex mentioned this in rEUWI5df9b2d20beb: Recover from 'badtoken' error when uploading.May 5 2015, 7:19 PM
MarkTraceur added a comment.May 5 2015, 7:19 PM

I assume we need one more patch once the blocker is fixed?

matmarex mentioned this in rMEXT94e333f5d671: Updated mediawiki/extensions Project: mediawiki/extensions/UploadWizard….May 5 2015, 7:19 PM
Jdforrester-WMF added a project: User-notice.May 5 2015, 7:22 PM
Jdforrester-WMF subscribed.
matmarex closed this task as Resolved.May 6 2015, 8:01 AM

I think this is actually all, the core patch and the UploadWizard patch.

Nemo_bis added a comment.May 6 2015, 9:36 AM

It will be interesting to monitor the impact of this fix on upload errors: where are they graphed now? http://multimedia-metrics.wmflabs.org/ doesn't load any graph/datasource. http://datasets.wikimedia.org/public-datasets/all/multimedia/upload-wizard-funnel-absolute.tsv works though.

gpaumier moved this task from To Triage to Announce in next Tech/News on the User-notice board.May 6 2015, 8:37 PM
gpaumier moved this task from Announce in next Tech/News to In current Tech/News draft on the User-notice board.May 6 2015, 10:19 PM
TheDJ added a comment.May 7 2015, 8:45 AM

@Nemo_bis http://multimedia-metrics.wmflabs.org/dashboards/uw

Nemo_bis added a comment.May 7 2015, 10:34 AM
In T71691#1268117, @TheDJ wrote:

@Nemo_bis http://multimedia-metrics.wmflabs.org/dashboards/uw

Yeah, today it works again.

gpaumier moved this task from In current Tech/News draft to Recently announced in Tech/News on the User-notice board.May 9 2015, 3:07 AM
gpaumier moved this task from Recently announced in Tech/News to Already announced/Archive on the User-notice board.May 14 2015, 10:49 PM
gerritbot added a comment.Sep 14 2015, 9:16 PM

Change 238325 had a related patch set uploaded (by Bartosz Dziewoński):
Really recover from 'badtoken' error when uploading

https://gerrit.wikimedia.org/r/238325

Restricted Application added a subscriber: Matanya. · View Herald TranscriptSep 14 2015, 9:16 PM
matmarex mentioned this in T112446: Upload wizard fails with api-error-badtoken, cannot resubmit.Sep 14 2015, 9:17 PM
gerritbot added a comment.Sep 14 2015, 9:45 PM

Change 238334 had a related patch set uploaded (by MarkTraceur):
Really recover from 'badtoken' error when uploading

https://gerrit.wikimedia.org/r/238334

gerritbot added a comment.Sep 14 2015, 9:46 PM

Change 238325 merged by jenkins-bot:
Really recover from 'badtoken' error when uploading

https://gerrit.wikimedia.org/r/238325

matmarex mentioned this in rMEXTa6dbce2f4701: Updated mediawiki/extensions Project: mediawiki/extensions/UploadWizard….Sep 14 2015, 9:46 PM
MarkTraceur mentioned this in rEUWIed65064bea11: Really recover from 'badtoken' error when uploading.Sep 14 2015, 9:46 PM
gerritbot added a comment.Sep 14 2015, 11:06 PM

Change 238334 merged by jenkins-bot:
Really recover from 'badtoken' error when uploading

https://gerrit.wikimedia.org/r/238334

matmarex mentioned this in rMW408974afeb3f: Updated mediawiki/core Project: mediawiki/extensions/UploadWizard….Sep 14 2015, 11:06 PM
Jdforrester-WMF mentioned this in rEUWI72dbd8cd4eda: Really recover from 'badtoken' error when uploading.Sep 14 2015, 11:06 PM
Luke081515 subscribed.Sep 16 2015, 3:14 PM
matmarex mentioned this in T66698: Upload hangs after "describe" step.Dec 4 2015, 1:30 PM
matmarex closed subtask T94099: Rewrite mw.FormDataTransport.js to make use of mw.Api as Resolved.Dec 27 2016, 11:10 PM
Ladsgroup edited projects, added User-notice-archive; removed User-notice.Aug 13 2022, 1:53 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL