github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-02-23 13:51:23 +00:00
Code Issues Projects Releases Packages Wiki Activity

Moving the storage of referrer information to main authorization check instead of doing it in the authentication source

Browse source 
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
This commit is contained in:
Ralph Krimmel 2019-11-28 10:59:59 +01:00
parent 3e8cf5778f
commit e0a8872742
2 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/errors.js
View file

@ -6,6 +6,8 @@ module.exports = {
if (req.user) { if (req.user) {
responseError(res, '403', 'Forbidden', 'oh no.') responseError(res, '403', 'Forbidden', 'oh no.')
} else { } else {
if (!req.session) req.session = {}
req.session.returnTo = req.originalUrl || config.serverUrl + '/';
req.flash('error', 'You are not allowed to access this page. Maybe try logging in?') req.flash('error', 'You are not allowed to access this page. Maybe try logging in?')
res.redirect(config.serverURL + '/') res.redirect(config.serverURL + '/')
} }

6
lib/web/auth/saml/index.js
View file

@ -7,7 +7,6 @@ const config = require('../../../config')
const models = require('../../../models') const models = require('../../../models')
const logger = require('../../../logger') const logger = require('../../../logger')
const { urlencodedParser } = require('../../utils') const { urlencodedParser } = require('../../utils')
const { setReturnToFromReferer } = require('../utils')
const fs = require('fs') const fs = require('fs')
const intersection = function (array1, array2) { return array1.filter((n) => array2.includes(n)) } const intersection = function (array1, array2) { return array1.filter((n) => array2.includes(n)) }
@ -77,13 +76,12 @@ passport.use(new SamlStrategy({
}) })
})) }))
samlAuth.get('/auth/saml', function (req, res, next) { samlAuth.get('/auth/saml',
setReturnToFromReferer(req)
passport.authenticate('saml', { passport.authenticate('saml', {
successReturnToOrRedirect: config.serverURL + '/', successReturnToOrRedirect: config.serverURL + '/',
failureRedirect: config.serverURL + '/' failureRedirect: config.serverURL + '/'
})(req, res, next)
}) })
)
samlAuth.post('/auth/saml/callback', urlencodedParser, samlAuth.post('/auth/saml/callback', urlencodedParser,
passport.authenticate('saml', { passport.authenticate('saml', {