feat(api): allow redirects with a returnTo param (#40161)

2020-11-07 09:05:25 +01:00
parent 8fd00afd9c
commit b2e2f33cf1
8 changed files with 111 additions and 76 deletions
--- a/api-server/server/middlewares/add-return-to.js
+++ b/api-server/server/middlewares/add-return-to.js
@@ -1,37 +0,0 @@
-const pathsOfNoReturn = [
-  'link',
-  'auth',
-  'login',
-  'logout',
-  'signin',
-  'signup',
-  'fonts',
-  'favicon',
-  'js',
-  'css'
-];
-
-const pathsAllowedList = ['challenges', 'map', 'commit'];
-
-const pathsOfNoReturnRegex = new RegExp(pathsOfNoReturn.join('|'), 'i');
-const pathsAllowedRegex = new RegExp(pathsAllowedList.join('|'), 'i');
-
-export default function addReturnToUrl() {
-  return function(req, res, next) {
-    // Remember original destination before login.
-    var path = req.path.split('/')[1];
-
-    if (
-      req.method !== 'GET' ||
-      pathsOfNoReturnRegex.test(path) ||
-      !pathsAllowedRegex.test(path) ||
-      /hot/i.test(req.path)
-    ) {
-      return next();
-    }
-    req.session.returnTo = req.originalUrl.includes('/map')
-      ? '/'
-      : req.originalUrl;
-    return next();
-  };
-}