wip to Core

3 years ago · 590b2c740b
5 changed files with 13 additions and 11 deletions
--- a/app/controllers/auth.js
+++ b/app/controllers/auth.js
@ -140,6 +140,8 @@ class AuthController extends SiteController {
  }

  async postLogin (req, res, next) {
+    const redirectUri = req.session.loginReturnTo || '/';
+    this.log.debug('starting passport.authenticate', { session: req.session, redirectUri });
    passport.authenticate('dtp-local', (error, user/*, info*/) => {
      if (error) {
        req.session.loginResult = error.toString();
@ -154,7 +156,7 @@ class AuthController extends SiteController {
        if (error) {
          return next(error);
        }
-        return res.redirect(req.session.returnTo || '/');
+        return res.redirect(redirectUri);
      });
    })(req, res, next);
  }
--- a/app/services/oauth2.js
+++ b/app/services/oauth2.js
@ -15,7 +15,6 @@ const striptags = require('striptags');

 const oauth2orize = require('oauth2orize');
 const passport = require('passport');
-const ensureLoggedIn = require('connect-ensure-login');

 const generatePassword = require('password-generator');

@ -62,16 +61,21 @@ class OAuth2Service extends SiteService {
  }

  attachRoutes (app) {
+    const { session: sessionService } = this.dtp.services;
+    const requireLogin = sessionService.authCheckMiddleware({
+      requireAuth: true,
+      loginUri: '/welcome/login'
+    });
    app.get(
      '/oauth2/authorize',
-      ensureLoggedIn.ensureLoggedIn('/welcome/login'),
+      requireLogin,
      this.server.authorize(this.processAuthorize.bind(this)),
      this.renderAuthorizeDialog.bind(this),
    );

    app.post(
      '/oauth2/authorize/decision',
-      ensureLoggedIn.ensureLoggedIn('/welcome/login'),
+      requireLogin,
      this.server.decision(),
    );

--- a/app/services/session.js
+++ b/app/services/session.js
@ -48,10 +48,12 @@ class SessionService {
    options = Object.assign({
      requireLogin: true,
      requireAdmin: false,
+      loginUri: '/welcome/login',
    }, options);
    return async (req, res, next) => {
      if (options.requireLogin && !req.user) {
-        return next(new SiteError(403, 'Must sign in to proceed'));
+        req.session.loginReturnTo = req.url;
+        return res.redirect(options.loginUri);
      }
      if (options.requireAdmin && (!req.user || !req.user.flags.isAdmin)) {
        return next(new SiteError(403, 'Administrator privileges are required'));
--- a/package.json
+++ b/package.json
@ -21,7 +21,6 @@
    "chart.js": "^3.7.1",
    "chartjs-adapter-moment": "^1.0.0",
    "compression": "^1.7.4",
-    "connect-ensure-login": "^0.1.1",
    "connect-redis": "^6.1.1",
    "cookie-parser": "^1.4.6",
    "cron": "^1.8.2",
--- a/yarn.lock
+++ b/yarn.lock
@ -2557,11 +2557,6 @@ configstore@^5.0.1:
    write-file-atomic "^3.0.0"
    xdg-basedir "^4.0.0"

-connect-ensure-login@^0.1.1:
-  version "0.1.1"
-  resolved "https://registry.yarnpkg.com/connect-ensure-login/-/connect-ensure-login-0.1.1.tgz#174dcc51243b9eac23f8d98215aeb6694e2e8a12"
-  integrity sha512-u0LGY/YXgkqdD4uVz8Gkri0adby5SBPYIFQvIa4FjBIaZUN0yuZPVHsjAA2bUiprGyjh8NlqxPUcIzzfTiXhQQ==
-
 connect-history-api-fallback@^1:
  version "1.6.0"
  resolved "https://registry.yarnpkg.com/connect-history-api-fallback/-/connect-history-api-fallback-1.6.0.tgz#8b32089359308d111115d81cad3fceab888f97bc"