From 86ce781d8e7d68056822f37ed6242ee59a06ef5f Mon Sep 17 00:00:00 2001
From: Michael Jumper <mike.jumper@guac-dev.org>
Date: Wed, 11 Mar 2015 15:10:00 -0700
Subject: [PATCH] GUAC-1119: Redirect to login ONLY for requests to
 /api/tokens, and ONLY if not already at login.

---
 .../services/authenticationInterceptor.js     | 21 ++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/guacamole/src/main/webapp/app/index/services/authenticationInterceptor.js b/guacamole/src/main/webapp/app/index/services/authenticationInterceptor.js
index 4e524741d..d7bfe8aee 100644
--- a/guacamole/src/main/webapp/app/index/services/authenticationInterceptor.js
+++ b/guacamole/src/main/webapp/app/index/services/authenticationInterceptor.js
@@ -24,17 +24,24 @@ angular.module('index').factory('authenticationInterceptor', ['$location', '$q',
         function authenticationInterceptor($location, $q) {
             
     return {
-        'response': function(response) {
-            return response || $q.when(response);
-        },
 
-        'responseError': function(rejection) {
-            // Do not redirect failed api requests.
+        // Redirect users to login if authorization fails
+        responseError: function handleErrorResponse(rejection) {
+
+            // Only redirect failed authentication requests
             if ((rejection.status === 401 || rejection.status === 403)
-                    && rejection.config.url.search('api/') === -1) {
-                $location.path('/login');
+                    && rejection.config.url  === 'api/tokens') {
+
+                // Only redirect if not already on login page
+                if ($location.path() !== '/login/')
+                    $location.path('/login/');
+
             }
+
             return $q.reject(rejection);
+
         }
+
     };
+
 }]);