Fix signin page redirection in single instance mode

r 2020-05-29 13:28:42 +00:00
parent 1ae3c33b7d
commit 61fbb24db8
2 changed files with 19 additions and 2 deletions


@ -10,6 +10,7 @@ import (
var ( var (
errInvalidSession = errors.New("invalid session") errInvalidSession = errors.New("invalid session")
errInvalidAccessToken = errors.New("invalid access token")
errInvalidCSRFToken = errors.New("invalid csrf token") errInvalidCSRFToken = errors.New("invalid csrf token")
) )
@ -23,7 +24,7 @@ func NewAuthService(sessionRepo model.SessionRepo, appRepo model.AppRepo, s Serv
return &as{sessionRepo, appRepo, s} return &as{sessionRepo, appRepo, s}
} }
func (s *as) authenticateClient(c *model.Client) (err error) { func (s *as) initClient(c *model.Client) (err error) {
if len(c.Ctx.SessionID) < 1 { if len(c.Ctx.SessionID) < 1 {
return errInvalidSession return errInvalidSession
} }
@ -46,6 +47,17 @@ func (s *as) authenticateClient(c *model.Client) (err error) {
return nil return nil
} }
func (s *as) authenticateClient(c *model.Client) (err error) {
err = s.initClient(c)
if err != nil {
return
}
if len(c.Session.AccessToken) < 1 {
return errInvalidAccessToken
}
return nil
}
func checkCSRF(c *model.Client) (err error) { func checkCSRF(c *model.Client) (err error) {
if c.Ctx.CSRFToken != c.Session.CSRFToken { if c.Ctx.CSRFToken != c.Session.CSRFToken {
return errInvalidCSRFToken return errInvalidCSRFToken
@ -179,7 +191,7 @@ func (s *as) NewSession(instance string) (redirectUrl string,
func (s *as) Signin(c *model.Client, sessionID string, func (s *as) Signin(c *model.Client, sessionID string,
code string) (token string, userID string, err error) { code string) (token string, userID string, err error) {
err = s.authenticateClient(c) err = s.authenticateClient(c)
if err != nil { if err != nil && err != errInvalidAccessToken {
return return
} }
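Review bot: In `Signin`, the new condition `err != nil && err != errInvalidAccessToken` runs the strict check and then discards its result, which leaves the named result `err` set to `errInvalidAccessToken` while the function carries on. Calling the session-only helper directly, `err = s.initClient(c)` followed by the original `if err != nil {`, keeps `authenticateClient` an unconditional gate and removes the special case. The rest of `Signin` lies outside the hunk, so whether `err` is always reassigned before a bare `return` cannot be confirmed from here. `initClient` and `authenticateClient` would also benefit from one-line doc comments saying that the first only loads and validates the session while the second additionally requires a non-empty `c.Session.AccessToken`.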


@ -76,6 +76,11 @@ func NewHandler(s Service, staticDir string) http.Handler {
c := newClient(w, req, "") c := newClient(w, req, "")
err := s.ServeRootPage(c) err := s.ServeRootPage(c)
if err != nil { if err != nil {
if (err == errInvalidAccessToken) {
w.Header().Add("Location", "/signin")
w.WriteHeader(http.StatusFound)
return
}
w.WriteHeader(http.StatusInternalServerError) w.WriteHeader(http.StatusInternalServerError)
s.ServeErrorPage(c, err) s.ServeErrorPage(c, err)
return return
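Review bot: The added branch compares with `err == errInvalidAccessToken`, which stops matching as soon as any layer under `ServeRootPage` wraps the error, and the request then falls through to the 500 path. `errors.Is(err, errInvalidAccessToken)` is the safer comparison; it needs `errors` imported in this file, which is not visible here. The redirect is more idiomatic as `http.Redirect(w, req, "/signin", http.StatusFound)`, and the parentheses around the condition are not gofmt style. Only the root-page handler is visible in this section, and its closure continues past the hunk. Other handlers that reach `authenticateClient` presumably still answer a missing access token with `StatusInternalServerError`, so they may need the same branch or a shared helper.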