Avoid multiple requests without a valid token #313

Open
mateodurante wants to merge 1 commit into certtools:develop from mateodurante:fix/js-auth-tries

@mateodurante

This pull request improves client-side authentication handling in the intelmq_manager/static/js/static.js file. The main changes focus on preventing unauthorized requests and ensuring users are logged out if their session is no longer valid.

This PR prevents the multiple 401 requests issue:
[image]

Authentication handling improvements:

  • In the authenticatedAjax function, added a check to prevent AJAX requests from being sent if there is no login token in sessionStorage; instead, the function now immediately rejects the request with a 401 Unauthorized error and an appropriate message.
  • In the ajax_fail_callback function, added logic to automatically call logout() if a 401 Unauthorized response is received, ensuring users are logged out when their session expires or becomes invalid.

Copilot AI review requested due to automatic review settings February 19, 2026 19:44

Copilot AI left a comment

Pull request overview

This PR tightens client-side authentication behavior in the IntelMQ Manager frontend by preventing authenticated AJAX calls from being issued without a session token and by logging the user out when the backend returns 401 Unauthorized.

Changes:

  • In authenticatedAjax, short-circuit requests when sessionStorage has no login_token by returning a rejected promise with a synthetic 401.
  • In ajax_fail_callback, automatically call logout() when a request fails with HTTP 401.

@einar-lanfranco
Contributor

Good idea, we have problems with this, especially when we use IntelMQ during trainings; the students restart the docker and everything looks like it freezes!
What if you redirect to the login instead of just showing the log?

@mateodurante
Author

mateodurante commented Feb 25, 2026

> Good idea, we have problems with this, especially when we use IntelMQ during trainings; the students restart the docker and everything looks like it freezes! What if you redirect to the login instead of just showing the log?

That would be a great solution, but the main issue is that the login is currently a modal that loads across all pages rather than a dedicated route.

To implement a clean redirect, we would really need a standalone login page. I’ve experimented with forcing the modal to open automatically or trying a workaround, but the user experience feels clunky and 'off.' Ideally, we should move toward having a primary login page to handle these redirects properly.

In the meantime, the current approach serves as a safeguard: it prevents an infinite loop of requests and ensures the 'logged in user' state is cleared/updated if the token is no longer valid.
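
The safeguard discussed in this thread, sketched as an added example that is not IntelMQ Manager's code or part of any comment above: a request wrapper that refuses to send without a `login_token` and logs out on the first 401. The storage stub, the `transport` function, the `Authorization` header and the assumption that logging out clears the token are all hypothetical stand-ins for `sessionStorage`, `$.ajax` and the project's `logout()`.

```javascript
// Added illustration, not IntelMQ Manager's code. Only the login_token key and
// the 401 handling come from the PR text; every other name is hypothetical.

// Minimal in-memory stand-in for the browser's sessionStorage.
function makeStorage(initial = {}) {
  const data = new Map(Object.entries(initial));
  return {
    getItem: (k) => (data.has(k) ? data.get(k) : null),
    removeItem: (k) => data.delete(k),
  };
}

// transport(url, headers) -> Promise<{status, body}> stands in for the AJAX call.
function makeClient(storage, transport) {
  const stats = { sent: 0, blocked: 0, logouts: 0 };
  const unauthorized = (msg) => Object.assign(new Error(msg), { status: 401 });

  function logout() {
    storage.removeItem('login_token'); // assumption: logout clears the token
    stats.logouts += 1;
  }

  async function authenticatedRequest(url) {
    const token = storage.getItem('login_token');
    if (!token) {
      // Short-circuit with a synthetic 401: nothing leaves the client.
      stats.blocked += 1;
      throw unauthorized('Unauthorized: no login token');
    }
    stats.sent += 1;
    const res = await transport(url, { Authorization: token });
    if (res.status === 401) {
      // The server rejected the token (expired, or the backend restarted).
      logout();
      throw unauthorized('Unauthorized: token rejected');
    }
    return res.body;
  }

  return { authenticatedRequest, stats };
}

// Constructed scenario: a stale token, a backend that answers 401 to
// everything, and a page that calls five endpoints one after another.
async function demo() {
  const storage = makeStorage({ login_token: 'stale-constructed-token' });
  const client = makeClient(storage, async () => ({ status: 401, body: null }));
  for (let i = 0; i < 5; i++) {
    await client.authenticatedRequest('/api/endpoint' + i).catch(() => {});
  }
  return client.stats;
}
```

Only the first call reaches the network; the 401 it receives clears the token, so the remaining four are rejected locally instead of producing more 401 responses.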
