fix: signout redirect (#42538)

Co-authored-by: Oliver Eyton-Williams <ojeytonwilliams@gmail.com>
Nicholas Carrigan (he/him)
2021-06-17 11:24:18 -07:00
committed by GitHub
parent 6fedc48495
commit 7857c3932b
3 changed files with 16 additions and 6 deletions


@ -63,7 +63,7 @@ module.exports = function enableAuthentication(app) {
} }
api.get('/signout', (req, res) => { api.get('/signout', (req, res) => {
const { origin } = getRedirectParams(req); const { origin, returnTo } = getRedirectParams(req);
req.logout(); req.logout();
req.session.destroy(err => { req.session.destroy(err => {
if (err) { if (err) {
@ -74,7 +74,7 @@ module.exports = function enableAuthentication(app) {
}); });
} }
removeCookies(req, res); removeCookies(req, res);
res.redirect(origin); res.redirect(returnTo);
}); });
}); });
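Review bot: `res.redirect(returnTo)` now sends the browser to a full URL from `getRedirectParams(req)` rather than the bare origin, so this route is only as safe from open redirects as the default normaliser that function applies, which is not visible in this section. If that normaliser already restricts `returnTo` to the allowed client origins, a comment above the redirect would make the dependency explicit, e.g. `// returnTo is validated by the default normalizeParams; do not pass a custom normaliser here`. A test asserting that a signout request carrying a foreign return URL falls back to a safe default would pin the behaviour. The handler body between the two hunks is not shown, so the error path could not be checked.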


@ -16,6 +16,7 @@ import {
isRootPath isRootPath
} from './utils/redirection'; } from './utils/redirection';
import { jwtSecret } from '../../../config/secrets'; import { jwtSecret } from '../../../config/secrets';
import { availableLangs } from '../../../config/i18n/all-langs';
const passportOptions = { const passportOptions = {
emailOptional: true, emailOptional: true,
@ -85,13 +86,22 @@ export const devSaveResponseAuthCookies = () => {
export const devLoginRedirect = () => { export const devLoginRedirect = () => {
return (req, res) => { return (req, res) => {
// this mirrors the production approach, but without any validation // this mirrors the production approach, but only validates the prefix
let { returnTo, origin, pathPrefix } = getRedirectParams( let { returnTo, origin, pathPrefix } = getRedirectParams(
req, req,
params => params ({ returnTo, origin, pathPrefix }) => {
pathPrefix = availableLangs.client.includes(pathPrefix)
? pathPrefix
: '';
return {
returnTo,
origin,
pathPrefix
};
}
); );
returnTo += isRootPath(getRedirectBase(origin, pathPrefix), returnTo) returnTo += isRootPath(getRedirectBase(origin, pathPrefix), returnTo)
? 'learn' ? '/learn'
: ''; : '';
return res.redirect(returnTo); return res.redirect(returnTo);
}; };
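Review bot: The inline normaliser checks only `pathPrefix` and passes `returnTo` and `origin` through untouched, so `res.redirect(returnTo)` still follows whatever URL `getRedirectParams` derived from the request. That is acceptable only while this handler is never mounted outside development, and the comment should say so, e.g. `// dev only: returnTo and origin are NOT validated here; never mount this outside development`. As a point of style, the callback reassigns its destructured `pathPrefix` parameter. Returning `{ returnTo, origin, pathPrefix: availableLangs.client.includes(pathPrefix) ? pathPrefix : '' }` avoids the mutation.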


@ -66,7 +66,7 @@ function getRedirectParams(req, _normalizeParams = normalizeParams) {
const origin = returnUrl.origin; const origin = returnUrl.origin;
// if this is not one of the client languages, validation will convert // if this is not one of the client languages, validation will convert
// this to '' before it is used. // this to '' before it is used.
const pathPrefix = returnUrl.pathname.split('/')[0]; const pathPrefix = returnUrl.pathname.split('/')[1];
return _normalizeParams({ returnTo: returnUrl.href, origin, pathPrefix }); return _normalizeParams({ returnTo: returnUrl.href, origin, pathPrefix });
} }
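Review bot: The comment above the changed line promises that validation turns an unknown prefix into `''`, but that holds only for the default `normalizeParams`. A caller that supplies its own `_normalizeParams` receives the raw first path segment of `returnUrl.pathname`. With the index corrected to `[1]` that value is now a real path segment where it was previously always empty, so the comment should state the contract, e.g. `// NOTE: a custom _normalizeParams must validate pathPrefix (and returnTo/origin) itself`. A unit test covering a known language prefix, an unknown prefix and the bare `/` path would guard against the index regressing. The function begins outside this hunk, so how `returnUrl` is built could not be checked.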