Set redirect when sending user to login page.

Allows smart redirecting to work when public access is turned off.
2024-11-07 20:31:06 -05:00 · 2017-01-10 15:42:36 +00:00 · 2017-01-10 15:42:36 +00:00 · f5ced03074
commit f5ced03074
parent 0b67265eb6
2 changed files with 8 additions and 0 deletions
--- a/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee
+++ b/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee
@ -148,6 +148,7 @@ module.exports = AuthenticationController =
 			return next()
 		else
 			logger.log url:req.url, "user trying to access endpoint not in global whitelist"
+			AuthenticationController._setRedirectInSession(req)
 			return res.redirect "/login"

 	httpAuth: basicAuth (user, pass)->
--- a/services/web/test/UnitTests/coffee/Authentication/AuthenticationControllerTests.coffee
+++ b/services/web/test/UnitTests/coffee/Authentication/AuthenticationControllerTests.coffee
@ -387,6 +387,10 @@ describe "AuthenticationController", ->
 		beforeEach ->
 			@req.headers = {}
 			@AuthenticationController.httpAuth = sinon.stub()
+			@_setRedirect = sinon.spy(@AuthenticationController, '_setRedirectInSession')
+
+		afterEach ->
+			@_setRedirect.restore()

 		describe "with white listed url", ->
 			beforeEach ->
@ -431,6 +435,9 @@ describe "AuthenticationController", ->
 				@req.session = {}
 				@AuthenticationController.requireGlobalLogin @req, @res, @next

+			it 'should have called setRedirectInSession', ->
+				@_setRedirect.callCount.should.equal 1
+
 			it "should redirect to the /login page", ->
 				@res.redirectedTo.should.equal "/login"