feat: allow user to redirect after signin (#40069)

Co-authored-by: Mrugesh Mohapatra <1884376+raisedadead@users.noreply.github.com>
2020-11-02 11:10:43 +01:00
parent 0dba9c1036
commit a7eba00690
4 changed files with 15 additions and 57 deletions
--- a/api-server/server/boot/authentication.js
+++ b/api-server/server/boot/authentication.js
@ -39,6 +39,12 @@ module.exports = function enableAuthentication(app) {
  const ifNoUserRedirectHome = ifNoUserRedirectTo(homeLocation);
  const saveAuthCookies = saveResponseAuthCookies();
  const loginSuccessRedirect = loginRedirect();
  const addRedirect = (req, res, next) => {
    if (req && req.query && req.query.returnTo) {
      req.query.returnTo = `${homeLocation}/${req.query.returnTo}`;
    }
    return next();
  };
  const api = app.loopback.Router();
  // Use a local mock strategy for signing in if we are in dev mode.
@ -47,27 +53,18 @@ module.exports = function enableAuthentication(app) {
  if (process.env.LOCAL_MOCK_AUTH === 'true') {
    api.get(
      '/signin',
      addRedirect,
      passport.authenticate('devlogin'),
      saveAuthCookies,
      loginSuccessRedirect
    );
  } else {
-    api.get(
+    api.get('/signin', addRedirect, ifUserRedirect, (req, res, next) => {
-      '/signin',
+      const state = req.query.returnTo
-      (req, res, next) => {
+        ? Buffer.from(req.query.returnTo).toString('base64')
-        if (req && req.query && req.query.returnTo) {
+        : null;
-          req.query.returnTo = `${homeLocation}/${req.query.returnTo}`;
+      return passport.authenticate('auth0-login', { state })(req, res, next);
-        }
+    });
        return next();
      },
      ifUserRedirect,
      (req, res, next) => {
        const state = req.query.returnTo
          ? Buffer.from(req.query.returnTo).toString('base64')
          : null;
        return passport.authenticate('auth0-login', { state })(req, res, next);
      }
    );
    api.get(
      '/auth/auth0/callback',
--- a/api-server/server/component-passport.js
+++ b/api-server/server/component-passport.js
@ -81,9 +81,8 @@ export const saveResponseAuthCookies = () => {
 export const loginRedirect = () => {
  return (req, res) => {
    const successRedirect = req => {
-      if (!!req && req.session && req.session.returnTo) {
+      if (req && req.query && req.query.returnTo) {
-        delete req.session.returnTo;
+        return req.query.returnTo;
        return `${homeLocation}/learn`;
      }
      return `${homeLocation}/learn`;
    };
--- a/api-server/server/middleware.json
+++ b/api-server/server/middleware.json
@ -29,7 +29,6 @@
  "auth:before": {
    "express-flash": {},
    "./middlewares/express-extensions": {},
    "./middlewares/add-return-to": {},
    "./middlewares/cookie-parser": {},
    "./middlewares/request-authorization": {}
  },
--- a/api-server/server/middlewares/add-return-to.js
+++ b/api-server/server/middlewares/add-return-to.js
@ -1,37 +0,0 @@
 const pathsOfNoReturn = [
  'link',
  'auth',
  'login',
  'logout',
  'signin',
  'signup',
  'fonts',
  'favicon',
  'js',
  'css'
 ];
 const pathsAllowedList = ['challenges', 'map', 'commit'];
 const pathsOfNoReturnRegex = new RegExp(pathsOfNoReturn.join('|'), 'i');
 const pathsAllowedRegex = new RegExp(pathsAllowedList.join('|'), 'i');
 export default function addReturnToUrl() {
  return function(req, res, next) {
    // Remember original destination before login.
    var path = req.path.split('/')[1];
    if (
      req.method !== 'GET' ||
      pathsOfNoReturnRegex.test(path) ||
      !pathsAllowedRegex.test(path) ||
      /hot/i.test(req.path)
    ) {
      return next();
    }
    req.session.returnTo = req.originalUrl.includes('/map')
      ? '/'
      : req.originalUrl;
    return next();
  };
 }