Person Token Forbidden Behavior

Person Token Forbidden Behavior


Currently, when a person token is forbidden due to security groups, it puts the URL parameter but has a value of "TokenForbidden."  This results in a message on the page that the token is invalid, but no way to get to the page they were going to even after logging in.  Any link to the login page would not have the correct return url passed.

One potential alternative is not to return the rckipid= at all.  This has the added benefit of preserving the redirect to the login page and return url functionality.

Another alternative would be to update the code that shows the invalid token message and add a button to a login page with the original page as the return URL parameter.

In either case, the person would be taken to a login page and redirected back to what they were trying to get to after the login.

Use Case Problems:

Group Attendance Reminder email generates a link to log them in, which, when the token is forbidden, yields going to the correct page but with a message that the token is invalid. They then need to click on a login button to log in and find their way back to the page. I updated the lava to only include the person token parameter in the link itself if the token is not forbidden. This leads them to the login page with the correct page and parameters as the return url.

Photo of Kevin RutledgeSubmitted by Kevin Rutledge, Kevin Rutledge  ·   ·  Core
Login to add a comment...

Submission Success Tips

Cultivate your ideas for maximum impact with these helpful submission tips that will increase the chances of your brilliant concepts becoming reality.

  • Clear Title: Craft a straightforward and descriptive title that instantly conveys the essence of your idea.
  • Concise Description: Provide an idea description that is succinct, ensuring it effectively communicates the concept without unnecessary verbosity.
  • Provide Additional Details: With a concise description complete, now provide any other details that are needed to better understand the requirements.
  • Thorough Ministry Need Review: Provide a comprehensive overview of the ministry need your idea addresses, emphasizing its significance.
  • Cover the WHY: Clearly articulate the rationale behind your idea, explaining why it's essential and how it aligns with the organization's goals and mission. Oftentimes a clear "why" sheds light into other possible options.