Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 16:46:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: sso redirect on /login & /api/login

Browse Source
This commit is contained in:
Barış Soner Uşaklı
2020-12-03 10:29:18 -05:00
parent c7f2640a18
commit 5d00b0895b
3 changed files with 26 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
public/src/ajaxify.js
View File

@@ -145,12 +145,18 @@ ajaxify = window.ajaxify || {};
app.alertError('[[global:please_log_in]]');
app.previousUrl = url;
window.location.href = config.relative_path + '/login';
} else if ((status === 302 || status === 308) && typeof data.responseJSON === 'string') {
ajaxifyTimer = undefined;
if (data.responseJSON.startsWith('http://') || data.responseJSON.startsWith('https://')) {
window.location.href = data.responseJSON;
} else {
ajaxify.go(data.responseJSON.slice(1), callback, quiet);
} else if (status === 302 || status === 308) {
if (data.responseJSON && data.responseJSON.external) {
// this is used by sso plugins to redirect to the auth route
// cant use ajaxify.go for /auth/sso routes
window.location.href = data.responseJSON.external;
} else if (typeof data.responseJSON === 'string') {
ajaxifyTimer = undefined;
if (data.responseJSON.startsWith('http://') || data.responseJSON.startsWith('https://')) {
window.location.href = data.responseJSON;
} else {
ajaxify.go(data.responseJSON.slice(1), callback, quiet);
}
}
}
} else if (textStatus !== 'abort') {

17
src/controllers/helpers.js
View File

@@ -145,11 +145,20 @@ helpers.notAllowed = async function (req, res, error) {
};
helpers.redirect = function (res, url, permanent) {
if (res.locals.isAPI) {
res.set('X-Redirect', encodeURI(url)).status(200).json(encodeURI(url));
let redirectUrl;
// this is used by sso plugins to redirect to the auth route
if (url.hasOwnProperty('external')) {
url.external = encodeURI(url.external);
redirectUrl = url.external;
} else {
const redirectUrl = url.startsWith('http://') || url.startsWith('https://') ?
url : relative_path + url;
url = encodeURI(url);
redirectUrl = url;
}
if (res.locals.isAPI) {
res.set('X-Redirect', redirectUrl).status(200).json(url);
} else {
redirectUrl = redirectUrl.startsWith('http://') || redirectUrl.startsWith('https://') ?
redirectUrl : relative_path + redirectUrl;
res.redirect(permanent ? 308 : 307, encodeURI(redirectUrl));
}
};

2
src/controllers/index.js
View File

@@ -125,7 +125,7 @@ Controllers.login = async function (req, res) {
data.allowLocalLogin = hasLoginPrivilege || parseInt(req.query.local, 10) === 1;
if (!data.allowLocalLogin && !data.allowRegistration && data.alternate_logins && data.authentication.length === 1) {
return helpers.redirect(res, data.authentication[0].url);
return helpers.redirect(res, { external: data.authentication[0].url });
}
if (req.loggedIn) {