Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-31 02:55:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: explicit handling of SSO success and failure

Browse Source
This commit is contained in:
Julian Lam
2019-01-21 15:29:32 -05:00
parent 5ee173c2f6
commit 059a4be204
2 changed files with 24 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/controllers/index.js
View File

@@ -92,7 +92,7 @@ Controllers.login = function (req, res, next) {
var registrationType = meta.config.registrationType || 'normal'; var registrationType = meta.config.registrationType || 'normal';
var allowLoginWith = (meta.config.allowLoginWith || 'username-email'); var allowLoginWith = (meta.config.allowLoginWith || 'username-email');
var returnTo = (req.headers['x-return-to'] || '').replace(nconf.get('base_url'), ''); var returnTo = (req.headers['x-return-to'] || '').replace(nconf.get('base_url') + nconf.get('relative_path'), '');
var errorText; var errorText;
if (req.query.error === 'csrf-invalid') { if (req.query.error === 'csrf-invalid') {
@@ -214,7 +214,7 @@ Controllers.registerInterstitial = function (req, res, next) {
// No interstitials, redirect to home // No interstitials, redirect to home
const returnTo = req.session.returnTo || req.session.registration.returnTo; const returnTo = req.session.returnTo || req.session.registration.returnTo;
delete req.session.registration; delete req.session.registration;
return helpers.redirect(res, returnTo || nconf.get('relative_path') + '/'); return helpers.redirect(res, returnTo || '/');
} }
var renders = data.interstitials.map(function (interstitial) { var renders = data.interstitials.map(function (interstitial) {
return async.apply(req.app.render.bind(req.app), interstitial.template, interstitial.data || {}); return async.apply(req.app.render.bind(req.app), interstitial.template, interstitial.data || {});

27
src/routes/authentication.js
View File

@@ -3,10 +3,10 @@
var async = require('async'); var async = require('async');
var passport = require('passport'); var passport = require('passport');
var passportLocal = require('passport-local').Strategy; var passportLocal = require('passport-local').Strategy;
var nconf = require('nconf');
var winston = require('winston'); var winston = require('winston');
var controllers = require('../controllers'); var controllers = require('../controllers');
var helpers = require('../controllers/helpers');
var plugins = require('../plugins'); var plugins = require('../plugins');
var loginStrategies = []; var loginStrategies = [];
@@ -88,10 +88,27 @@ Auth.reloadRoutes = function (router, callback) {
// passport seems to remove `req.session.returnTo` after it redirects // passport seems to remove `req.session.returnTo` after it redirects
req.session.registration.returnTo = req.session.returnTo; req.session.registration.returnTo = req.session.returnTo;
next(); next();
}, passport.authenticate(strategy.name, { }, function (req, res, next) {
successReturnToOrRedirect: nconf.get('relative_path') + (strategy.successUrl !== undefined ? strategy.successUrl : '/'), passport.authenticate(strategy.name, function (err, user) {
failureRedirect: nconf.get('relative_path') + (strategy.failureUrl !== undefined ? strategy.failureUrl : '/login'), if (err) {
})); delete req.session.registration;
return next(err);
}
if (!user) {
delete req.session.registration;
return helpers.redirect(res, strategy.failureUrl !== undefined ? strategy.failureUrl : '/login');
}
req.login(user, function (err) {
if (err) {
return next(err);
}
helpers.redirect(res, strategy.successUrl !== undefined ? strategy.successUrl : '/');
});
})(req, res, next);
});
}); });
router.post('/register', Auth.middleware.applyCSRF, Auth.middleware.applyBlacklist, controllers.authentication.register); router.post('/register', Auth.middleware.applyCSRF, Auth.middleware.applyBlacklist, controllers.authentication.register);