Implement conditional redirect to root site after login
This way the account can be logged in to the default domain, too
This commit is contained in:
parent
786a110b48
commit
543070a94f
2 changed files with 35 additions and 1 deletions
|
|
@ -202,7 +202,23 @@ Members.prototype.login_action = function() {
|
|||
}
|
||||
|
||||
res.message = gettext('Welcome to {0}, {1}. Have fun!', res.handlers.site.getTitle(), user.name);
|
||||
res.redirect(User.getLocation() || this._parent.href());
|
||||
|
||||
const location = User.getLocation() || this._parent.href();
|
||||
|
||||
// If the requested host is outside of the cookie domain, redirect and login to the root site, too
|
||||
if (this._parent !== root && !req.getHeader("Host").includes(app.appsProperties.cookieDomain)) {
|
||||
const token = java.util.UUID.randomUUID();
|
||||
const digest = session.user.getDigest(token);
|
||||
session.user.setMetadata('rootCookieToken', token);
|
||||
res.redirect(
|
||||
root.href('cookie')
|
||||
+ '?digest=' + encodeURIComponent(digest)
|
||||
+ '&name=' + encodeURIComponent(req.postParams.name)
|
||||
+ '&location=' + encodeURIComponent(location)
|
||||
);
|
||||
}
|
||||
|
||||
res.redirect(location);
|
||||
} catch (ex) {
|
||||
res.message = ex;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -94,6 +94,7 @@ Root.prototype.getPermission = function(action) {
|
|||
switch (action) {
|
||||
case '.':
|
||||
case 'main':
|
||||
case 'cookie':
|
||||
case 'debug':
|
||||
case 'default.hook':
|
||||
case 'favicon.ico':
|
||||
|
|
@ -367,6 +368,23 @@ Root.prototype.mrtg_action = function() {
|
|||
return;
|
||||
}
|
||||
|
||||
// Login to the root site if Members#login_action() redirects here
|
||||
// This way custom domains are getting the default domain cookie, too
|
||||
Root.prototype.cookie_action = function() {
|
||||
if (req.data.digest && req.data.name) {
|
||||
const user = User.getByName(req.data.name);
|
||||
if (user) {
|
||||
const token = user.getMetadata("rootCookieToken");
|
||||
const digest = user.getDigest(token);
|
||||
if (digest === req.data.digest) {
|
||||
session.login(user);
|
||||
user.deleteMetadata("rootCookieToken");
|
||||
}
|
||||
}
|
||||
}
|
||||
res.redirect(req.data.location || req.data.http_referer || root.href());
|
||||
};
|
||||
|
||||
/**
|
||||
* Catch some undefined macro handlers, then delegate to the super prototype.
|
||||
* @param {String} name
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue