Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: explicit handling of SSO success and failure

Browse Source
This commit is contained in:
Julian Lam
2019-01-21 15:29:32 -05:00
parent 5ee173c2f6
commit 059a4be204
2 changed files with 24 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/controllers/index.js
View File

@@ -92,7 +92,7 @@ Controllers.login = function (req, res, next) {
var registrationType = meta.config.registrationType || 'normal';
var allowLoginWith = (meta.config.allowLoginWith || 'username-email');
var returnTo = (req.headers['x-return-to'] || '').replace(nconf.get('base_url'), '');
var returnTo = (req.headers['x-return-to'] || '').replace(nconf.get('base_url') + nconf.get('relative_path'), '');
var errorText;
if (req.query.error === 'csrf-invalid') {
@@ -214,7 +214,7 @@ Controllers.registerInterstitial = function (req, res, next) {
// No interstitials, redirect to home
const returnTo = req.session.returnTo || req.session.registration.returnTo;
delete req.session.registration;
return helpers.redirect(res, returnTo || nconf.get('relative_path') + '/');
return helpers.redirect(res, returnTo || '/');
}
var renders = data.interstitials.map(function (interstitial) {
return async.apply(req.app.render.bind(req.app), interstitial.template, interstitial.data || {});

27
src/routes/authentication.js
View File

@@ -3,10 +3,10 @@
var async = require('async');
var passport = require('passport');
var passportLocal = require('passport-local').Strategy;
var nconf = require('nconf');
var winston = require('winston');
var controllers = require('../controllers');
var helpers = require('../controllers/helpers');
var plugins = require('../plugins');
var loginStrategies = [];
@@ -88,10 +88,27 @@ Auth.reloadRoutes = function (router, callback) {
// passport seems to remove `req.session.returnTo` after it redirects
req.session.registration.returnTo = req.session.returnTo;
next();
}, passport.authenticate(strategy.name, {
successReturnToOrRedirect: nconf.get('relative_path') + (strategy.successUrl !== undefined ? strategy.successUrl : '/'),
failureRedirect: nconf.get('relative_path') + (strategy.failureUrl !== undefined ? strategy.failureUrl : '/login'),
}));
}, function (req, res, next) {
passport.authenticate(strategy.name, function (err, user) {
if (err) {
delete req.session.registration;
return next(err);
}
if (!user) {
delete req.session.registration;
return helpers.redirect(res, strategy.failureUrl !== undefined ? strategy.failureUrl : '/login');
}
req.login(user, function (err) {
if (err) {
return next(err);
}
helpers.redirect(res, strategy.successUrl !== undefined ? strategy.successUrl : '/');
});
})(req, res, next);
});
});
router.post('/register', Auth.middleware.applyCSRF, Auth.middleware.applyBlacklist, controllers.authentication.register);