some login redirect shenanigans
parent
fc78d3fdea
commit
4a6004aa7c
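--- a/scripts/ensureLogin.js
+++ b/scripts/ensureLogin.js
@@ -0,0 +1,9 @@
+// Make sure the user is logged in
+// Redirect to login page and store the current path in the session for redirecting later
+function ensureLogin (req, res, next) {
+if (req.session.user) return next()
+req.session.redirectUri = req.originalUrl
+res.redirect('/login')
+}
+
+module.exports = ensureLogin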
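Review bot: ensureLogin stores `req.originalUrl` in the session for every request method, so an unauthenticated POST or XHR leaves a redirectUri that the browser will later request with GET after login. Limiting the write to page navigations avoids that: `if (req.method === 'GET') req.session.redirectUri = req.originalUrl`. This matters most where the middleware is mounted with `router.use(ensureLogin, ...)` in the admin router, since `router.use` covers all methods. The file also exports through `module.exports` while the routers load it with `import ensureLogin from ...`, which presumably relies on the transpiler's CommonJS interop; `export default ensureLogin` would match the import style visible in the routers.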
@ -1,4 +1,5 @@
|
|||||||
import express from 'express'
|
import express from 'express'
|
||||||
|
import ensureLogin from '../../scripts/ensureLogin'
|
||||||
import wrap from '../../scripts/asyncRoute'
|
import wrap from '../../scripts/asyncRoute'
|
||||||
import {User} from '../api'
|
import {User} from '../api'
|
||||||
import API from '../api/admin'
|
import API from '../api/admin'
|
||||||
@ -7,9 +8,7 @@ const router = express.Router()
|
|||||||
const apiRouter = express.Router()
|
const apiRouter = express.Router()
|
||||||
|
|
||||||
// Check for privilege required to access the admin panel
|
// Check for privilege required to access the admin panel
|
||||||
router.use(wrap(async (req, res, next) => {
|
router.use(ensureLogin, wrap(async (req, res, next) => {
|
||||||
if (!req.session.user) return res.redirect('/login')
|
|
||||||
|
|
||||||
if (!req.session.privilege) {
|
if (!req.session.privilege) {
|
||||||
let u = await User.get(req.session.user)
|
let u = await User.get(req.session.user)
|
||||||
req.session.privilege = u.nw_privilege
|
req.session.privilege = u.nw_privilege
|
||||||
|
@ -50,7 +50,6 @@ function objectAssembler (insane) {
|
|||||||
|
|
||||||
// Create a session and return a redirect uri if provided
|
// Create a session and return a redirect uri if provided
|
||||||
function createSession (req, user) {
|
function createSession (req, user) {
|
||||||
let uri = '/'
|
|
||||||
req.session.user = {
|
req.session.user = {
|
||||||
id: user.id,
|
id: user.id,
|
||||||
username: user.username,
|
username: user.username,
|
||||||
@ -59,14 +58,6 @@ function createSession (req, user) {
|
|||||||
avatar_file: user.avatar_file,
|
avatar_file: user.avatar_file,
|
||||||
session_refresh: Date.now() + 1800000 // 30 minutes
|
session_refresh: Date.now() + 1800000 // 30 minutes
|
||||||
}
|
}
|
||||||
|
|
||||||
if (req.session.redirectUri) {
|
|
||||||
uri = req.session.redirectUri
|
|
||||||
} else if (req.query.redirect) {
|
|
||||||
uri = req.query.redirect
|
|
||||||
}
|
|
||||||
|
|
||||||
return uri
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Either give JSON or make a redirect
|
// Either give JSON or make a redirect
|
||||||
@ -94,13 +85,12 @@ router.post('/external/facebook/callback', wrap(async (req, res, next) => {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Create session
|
// Create session
|
||||||
let uri = '/'
|
|
||||||
if (!req.session.user) {
|
if (!req.session.user) {
|
||||||
let user = response.user
|
let user = response.user
|
||||||
uri = createSession(req, user)
|
createSession(req, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
JsonData(req, res, null, uri)
|
JsonData(req, res, null, '/login')
|
||||||
}))
|
}))
|
||||||
|
|
||||||
router.get('/external/facebook/remove', wrap(async (req, res) => {
|
router.get('/external/facebook/remove', wrap(async (req, res) => {
|
||||||
@ -127,9 +117,6 @@ router.get('/external/twitter/login', wrap(async (req, res) => {
|
|||||||
}
|
}
|
||||||
|
|
||||||
req.session.twitter_auth = tokens
|
req.session.twitter_auth = tokens
|
||||||
if (req.query.returnTo) {
|
|
||||||
req.session.twitter_auth.returnTo = req.query.returnTo
|
|
||||||
}
|
|
||||||
|
|
||||||
res.redirect('https://twitter.com/oauth/authenticate?oauth_token=' + tokens.token)
|
res.redirect('https://twitter.com/oauth/authenticate?oauth_token=' + tokens.token)
|
||||||
}))
|
}))
|
||||||
@ -138,7 +125,7 @@ router.get('/external/twitter/callback', wrap(async (req, res) => {
|
|||||||
if (!config.twitter || !config.twitter.api) return res.redirect('/login')
|
if (!config.twitter || !config.twitter.api) return res.redirect('/login')
|
||||||
if (!req.session.twitter_auth) return res.redirect('/login')
|
if (!req.session.twitter_auth) return res.redirect('/login')
|
||||||
let ta = req.session.twitter_auth
|
let ta = req.session.twitter_auth
|
||||||
let uri = ta.returnTo || '/login'
|
let uri = '/login'
|
||||||
|
|
||||||
if (!req.query.oauth_verifier) {
|
if (!req.query.oauth_verifier) {
|
||||||
req.flash('message', {error: true, text: 'Couldn\'t get a verifier'})
|
req.flash('message', {error: true, text: 'Couldn\'t get a verifier'})
|
||||||
@ -165,7 +152,7 @@ router.get('/external/twitter/callback', wrap(async (req, res) => {
|
|||||||
|
|
||||||
if (!req.session.user) {
|
if (!req.session.user) {
|
||||||
let user = response.user
|
let user = response.user
|
||||||
uri = createSession(req, user)
|
createSession(req, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
res.render('redirect', {url: uri})
|
res.render('redirect', {url: uri})
|
||||||
@ -193,7 +180,6 @@ router.get('/external/discord/login', wrap(async (req, res) => {
|
|||||||
let infos = APIExtern.Discord.getAuthorizeURL()
|
let infos = APIExtern.Discord.getAuthorizeURL()
|
||||||
|
|
||||||
req.session.discord_auth = {
|
req.session.discord_auth = {
|
||||||
returnTo: req.query.returnTo || '/login',
|
|
||||||
state: infos.state
|
state: infos.state
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -207,7 +193,7 @@ router.get('/external/discord/callback', wrap(async (req, res) => {
|
|||||||
let code = req.query.code
|
let code = req.query.code
|
||||||
let state = req.query.state
|
let state = req.query.state
|
||||||
let da = req.session.discord_auth
|
let da = req.session.discord_auth
|
||||||
let uri = da.returnTo || '/login'
|
let uri = '/login'
|
||||||
|
|
||||||
if (!code) {
|
if (!code) {
|
||||||
req.flash('message', {error: true, text: 'No authorization.'})
|
req.flash('message', {error: true, text: 'No authorization.'})
|
||||||
@ -239,7 +225,7 @@ router.get('/external/discord/callback', wrap(async (req, res) => {
|
|||||||
|
|
||||||
if (!req.session.user) {
|
if (!req.session.user) {
|
||||||
let user = response.user
|
let user = response.user
|
||||||
uri = createSession(req, user)
|
createSession(req, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
res.render('redirect', {url: uri})
|
res.render('redirect', {url: uri})
|
||||||
|
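Review bot: The comment above createSession still reads `// Create a session and return a redirect uri if provided`, but after this change the function no longer returns a uri; it should become something like `// Create a session for the authenticated user`. The external-login callbacks now default to `/login` and rely on the stored `req.session.redirectUri` for the final hop, so the pre-login session carries state across authentication. Nothing in the visible lines regenerates the session id when `req.session.user` is set; if that does not happen elsewhere, it is worth adding, with redirectUri copied into the new session. createSession and the callback bodies are only partly inside the hunks shown.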
@ -2,6 +2,7 @@ import fs from 'fs'
|
|||||||
import path from 'path'
|
import path from 'path'
|
||||||
import express from 'express'
|
import express from 'express'
|
||||||
import RateLimit from 'express-rate-limit'
|
import RateLimit from 'express-rate-limit'
|
||||||
|
import ensureLogin from '../../scripts/ensureLogin'
|
||||||
import config from '../../scripts/load-config'
|
import config from '../../scripts/load-config'
|
||||||
import exists from '../../scripts/existsSync'
|
import exists from '../../scripts/existsSync'
|
||||||
import wrap from '../../scripts/asyncRoute'
|
import wrap from '../../scripts/asyncRoute'
|
||||||
@ -41,11 +42,10 @@ function setSession (req, user) {
|
|||||||
function redirectLogin (req, res) {
|
function redirectLogin (req, res) {
|
||||||
let uri = '/'
|
let uri = '/'
|
||||||
|
|
||||||
|
console.log('goto', req.session.redirectUri)
|
||||||
if (req.session.redirectUri) {
|
if (req.session.redirectUri) {
|
||||||
uri = req.session.redirectUri
|
uri = req.session.redirectUri
|
||||||
delete req.session.redirectUri
|
delete req.session.redirectUri
|
||||||
} else if (req.query.redirect) {
|
|
||||||
uri = req.query.redirect
|
|
||||||
}
|
}
|
||||||
|
|
||||||
res.redirect(uri)
|
res.redirect(uri)
|
||||||
@ -132,16 +132,11 @@ function formKeep (req, res, next) {
|
|||||||
next()
|
next()
|
||||||
}
|
}
|
||||||
|
|
||||||
// Make sure the user is logged in
|
|
||||||
// Redirect to login page and store the current path in the session for redirecting later
|
|
||||||
function ensureLogin (req, res, next) {
|
|
||||||
if (req.session.user) return next()
|
|
||||||
req.session.redirectUri = req.originalUrl
|
|
||||||
res.redirect('/login')
|
|
||||||
}
|
|
||||||
|
|
||||||
router.get('/login', extraButtons, (req, res) => {
|
router.get('/login', extraButtons, (req, res) => {
|
||||||
if (req.session.user) return redirectLogin(req, res)
|
if (req.session.user) return redirectLogin(req, res)
|
||||||
|
if (req.query.returnTo) {
|
||||||
|
req.session.redirectUri = req.query.returnTo
|
||||||
|
}
|
||||||
|
|
||||||
res.render('user/login')
|
res.render('user/login')
|
||||||
})
|
})
|
||||||
|
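Review bot: `req.query.returnTo` is copied into `req.session.redirectUri` in the `/login` handler without any check, and redirectLogin later passes that value to `res.redirect(uri)`, so a crafted login link can send a user to an external site after sign-in. Accept only same-site paths, for example `if (typeof req.query.returnTo === 'string' && /^\/(?![/\\])/.test(req.query.returnTo)) req.session.redirectUri = req.query.returnTo`. The added `console.log('goto', req.session.redirectUri)` in redirectLogin looks like leftover debugging and writes a user-supplied value to the log; it can be dropped. redirectLogin's closing lines are outside the hunk.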
@ -1,15 +1,11 @@
|
|||||||
import express from 'express'
|
import express from 'express'
|
||||||
|
import ensureLogin from '../../scripts/ensureLogin'
|
||||||
import wrap from '../../scripts/asyncRoute'
|
import wrap from '../../scripts/asyncRoute'
|
||||||
import Minecraft from '../api/minecraft'
|
import Minecraft from '../api/minecraft'
|
||||||
|
|
||||||
let router = express.Router()
|
let router = express.Router()
|
||||||
|
|
||||||
router.get('/', wrap(async (req, res) => {
|
router.get('/', ensureLogin, wrap(async (req, res) => {
|
||||||
if (!req.session.user) {
|
|
||||||
req.session.redirectUri = req.originalUrl
|
|
||||||
return res.redirect('/login')
|
|
||||||
}
|
|
||||||
|
|
||||||
let token = await Minecraft.getToken(req.session.user)
|
let token = await Minecraft.getToken(req.session.user)
|
||||||
|
|
||||||
res.render('minecraft/index', {token: token.token, mcu: token.mcu})
|
res.render('minecraft/index', {token: token.token, mcu: token.mcu})
|
||||||
|