use state for next url after login

Anthony Metzidis 2017-10-20 13:11:26 -07:00
parent 0d4742fdbb
commit ffd7e4f3b4


@ -122,7 +122,8 @@ if (config.rateLimits) {
var GoogleStrategy = require('passport-google-oauth20').Strategy; var GoogleStrategy = require('passport-google-oauth20').Strategy;
// and deserialized. var OAUTH_SCOPE = ['profile']
passport.serializeUser(function(user, cb) { passport.serializeUser(function(user, cb) {
winston.info('serialize', user) winston.info('serialize', user)
cb(null, user); cb(null, user);
@ -132,13 +133,13 @@ passport.deserializeUser(function(obj, cb) {
winston.info('deserialize', obj) winston.info('deserialize', obj)
cb(null, obj); cb(null, obj);
}); });
passport.use(new GoogleStrategy({ passport.use(new GoogleStrategy({
clientID: process.env.GOOGLE_CLIENT_ID, clientID: process.env.GOOGLE_CLIENT_ID,
clientSecret: process.env.GOOGLE_CLIENT_SECRET, clientSecret: process.env.GOOGLE_CLIENT_SECRET,
callbackURL: config.origin + 'auth/google/callback' callbackURL: config.origin + 'auth/google/callback'
}, },
function(accessToken, refreshToken, profile, cb) { function(accessToken, refreshToken, profile, cb) {
winston.info('hi logged in')
winston.info(profile); winston.info(profile);
return cb(null, profile); return cb(null, profile);
} }
@ -148,18 +149,22 @@ app.use(session({ secret: config.secret, name: 'tt' , resave:true, saveUnitializ
// first look at API calls // first look at API calls
app.use(passport.initialize()); app.use(passport.initialize());
app.use(passport.session()); app.use(passport.session());
//app.use(connectEnsureLogin.ensureLoggedIn());
var router = app; var router = app;
// get raw documents - support getting with extension // get raw documents - support getting with extension
router.get('/', ensureAuthenticatedWeb); router.get('/', ensureAuthenticatedWeb);
router.get('/login', passport.authenticate('google', { scope: ['profile'] })); router.get('/login', passport.authenticate('google', { scope: OAUTH_SCOPE }));
router.get( '/auth/google/callback', function(req,res,next){
var successRedirectURL = '/'
if(req.query.state){
successRedirectURL = req.query.state
}
passport.authenticate( 'google', { scope: OAUTH_SCOPE,
successRedirect: successRedirectURL,
failureRedirect: '/auth/failure' } )(req,res,next);
})
router.get( '/auth/google/callback',
passport.authenticate( 'google', { scope: ['profile'],
successRedirect: '/',
failureRedirect: '/auth/failure'
}));
router.get('/raw/:id', ensureAuthenticatedWeb, function(request, response, next) { router.get('/raw/:id', ensureAuthenticatedWeb, function(request, response, next) {
var skipExpire = !!config.documents[request.params.id]; var skipExpire = !!config.documents[request.params.id];
var key = request.params.id.split('.')[0]; var key = request.params.id.split('.')[0];
@ -183,16 +188,22 @@ router.get('/users/me', ensureAuthenticatedAPI, function(req, res, next) {
}); });
function ensureAuthenticatedWeb(req, res, next) { function ensureAuthenticatedWeb(req, res, next) {
if (req.isAuthenticated()) { return next(); } if (req.isAuthenticated()) {
// res.redirect('/login' + '?next=' + encodeURIComponent(req.path)); return next();
// if not authenticated, authenticate with google }
passport.authenticate('google', { scope: ['profile'] })(req,res,next) // set state = req.path to support redirect after login
passport.authenticate(
'google', { scope: OAUTH_SCOPE, state : req.path }
)(req,res,next)
} }
function ensureAuthenticatedAPI(req, res, next) { function ensureAuthenticatedAPI(req, res, next) {
if (req.isAuthenticated()) { return next(); } if (req.isAuthenticated()) {
return next();
}
res.sendStatus(401); res.sendStatus(401);
} }
//app.use(require('connect-ensure-login').ensureLoggedIn());
// Otherwise, try to match static files // Otherwise, try to match static files
app.use(connect_st({ app.use(connect_st({
path: __dirname + '/static', path: __dirname + '/static',
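Review bot: The new `/auth/google/callback` handler copies `req.query.state` straight into `successRedirect`, so the post-login redirect target is whatever arrives in the query string, not necessarily the `req.path` that `ensureAuthenticatedWeb` put there. `state` round-trips through the browser and the identity provider, so it is caller-controlled, and an absolute or scheme-relative value (`https://…`, `//host`) turns this into an open redirect after a successful login. Accept only a local path, e.g. `if (typeof req.query.state === 'string' && /^\/(?![\/\\])/.test(req.query.state)) { successRedirectURL = req.query.state }`, or keep the return path in the session and send an unguessable value as `state`, which would also let `state` bind the callback to the session that started the login. The `typeof` check also covers a repeated `state` parameter, which Express parses into an array.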