Better redirection after a successful login

Signed-off-by: Michal Kolodziejski <michal.kolodziejski@cern.ch>
Michal Kolodziejski 2020-08-03 10:53:21 +02:00
parent cebd5e7da9
commit 7d815cc90c
2 changed files with 18 additions and 3 deletions


@ -5,9 +5,22 @@ const config = require('../config')
const logger = require('../logger') const logger = require('../logger')
exports.setReturnToFromReferer = function setReturnToFromReferer (req) { exports.setReturnToFromReferer = function setReturnToFromReferer (req) {
var referer = req.get('referer')
if (!req.session) req.session = {} if (!req.session) req.session = {}
var referer = req.get('referer')
var refererSearchParams = new URLSearchParams(new URL(referer).search)
var nextURL = refererSearchParams.get('next')
if (nextURL) {
var isRelativeNextURL = nextURL.indexOf('://') === -1 && !nextURL.startsWith('//')
if (isRelativeNextURL) {
req.session.returnTo = (new URL(nextURL, config.serverURL)).toString()
} else {
req.session.returnTo = config.serverURL
}
} else {
req.session.returnTo = referer req.session.returnTo = referer
}
} }
exports.passportGeneralCallback = function callback (accessToken, refreshToken, profile, done) { exports.passportGeneralCallback = function callback (accessToken, refreshToken, profile, done) {
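Review bot: `new URL(referer)` throws a TypeError when the Referer header is absent or is not an absolute URL, and because that header is client-controlled, a request without it becomes an unhandled exception in the login path. The relative-URL test on `nextURL` is a string check that does not match how `new URL(nextURL, config.serverURL)` parses its input (the parser normalises backslashes and accepts scheme forms without `://`), so a `next` value can pass the test and still resolve to a different origin. Resolving first and comparing the result's `origin` with the server's origin covers both gaps, as sketched below. The unchanged else branch still stores the raw Referer, so the same origin check is worth applying there or wherever `returnTo` is consumed, which is not visible in this hunk.

```javascript
exports.setReturnToFromReferer = function setReturnToFromReferer (req) {
  if (!req.session) req.session = {}
  var referer = req.get('referer')
  var nextURL = null
  try {
    nextURL = new URL(referer).searchParams.get('next')
  } catch (err) {
    // Referer missing or not an absolute URL: behave as if no next parameter was given
  }
  if (nextURL) {
    var base = new URL(config.serverURL)
    var target = null
    try {
      target = new URL(nextURL, base)
    } catch (err) {
      // unparsable next value: fall through to the server root
    }
    // accept only targets that resolve to this server's own origin
    req.session.returnTo = (target && target.origin === base.origin) ? target.toString() : config.serverURL
  } else {
    // … unchanged: store referer as returnTo …
  }
}
```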

View File

@ -32,8 +32,10 @@ function errorForbidden (req, res) {
if (req.user) { if (req.user) {
responseError(res, '403', 'Forbidden', 'oh no.') responseError(res, '403', 'Forbidden', 'oh no.')
} else { } else {
var nextURL = new URL('', config.serverURL)
nextURL.search = new URLSearchParams({ next: req.originalUrl })
req.flash('error', 'You are not allowed to access this page. Maybe try logging in?') req.flash('error', 'You are not allowed to access this page. Maybe try logging in?')
res.redirect(config.serverURL + '/') res.redirect(nextURL.toString())
} }
} }
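Review bot: As far as the two sections show, the `next` value set here reaches setReturnToFromReferer only through the browser's Referer header, so the return-to behaviour is silently lost for clients or referrer policies that strip the header or its query string. Storing `req.originalUrl` in the session at this point, or carrying `next` through the login form, would avoid depending on a client-controlled header for the round trip. As a style point, `nextURL.search = new URLSearchParams(...)` relies on implicit string conversion; `nextURL.searchParams.set('next', req.originalUrl)` states the intent directly. errorForbidden begins outside the hunk.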