From: Laurence Maultsby Date: Thu, 27 Apr 2017 17:58:59 +0000 (-0400) Subject: Session manager modified to catch all requests. Login redirect fix X-Git-Url: https://osm.etsi.org/gitweb/?a=commitdiff_plain;h=35a47d156c0d1b62567ffd4380141b31568d426c;p=osm%2FUI.git Session manager modified to catch all requests. Login redirect fix Signed-off-by: Laurence Maultsby --- diff --git a/skyquake/framework/core/api_utils/utils.js b/skyquake/framework/core/api_utils/utils.js index 3a509646a..667e7a9b0 100644 --- a/skyquake/framework/core/api_utils/utils.js +++ b/skyquake/framework/core/api_utils/utils.js @@ -196,6 +196,9 @@ if (process.env.LOG_REQUESTS) { * @param {Function} res - a handle to the express response function */ var sendErrorResponse = function(error, res) { + if (!error.statusCode) { + console.error('Status Code has not been set in error object: ', error); + } res.status(error.statusCode); res.send(error); } diff --git a/skyquake/framework/core/modules/api/sessions.js b/skyquake/framework/core/modules/api/sessions.js index 9736f8803..0c6709161 100644 --- a/skyquake/framework/core/modules/api/sessions.js +++ b/skyquake/framework/core/modules/api/sessions.js @@ -46,7 +46,7 @@ function logAndRedirectToLogin(mesg, res, req) { var api_server = req.query['api_server'] || (req.protocol + '://' + configurationAPI.globalConfiguration.get().api_server); var upload_server = req.protocol + '://' + (configurationAPI.globalConfiguration.get().upload_server || req.hostname); console.log(mesg); - res.redirect('login.html?api_server=' + api_server + '&upload_server=' + upload_server + '&referer=' + req.headers.referer); + res.redirect('login.html?api_server=' + api_server + '&upload_server=' + upload_server + '&referer=' + encodeURIComponent(req.headers.referer)); res.end(); } @@ -124,6 +124,7 @@ sessionsAPI.create = function(req, res) { username: username, // project: req.session.projectId }; + req.session.redirect = true; var successMsg = 'User => ' + username + ' successfully logged in.'; successMsg += req.session.projectId ? 'Project => ' + req.session.projectId + ' set as default.' : ''; diff --git a/skyquake/framework/core/modules/api/userManagementAPI.js b/skyquake/framework/core/modules/api/userManagementAPI.js index b0b8ad501..b2f55c36f 100644 --- a/skyquake/framework/core/modules/api/userManagementAPI.js +++ b/skyquake/framework/core/modules/api/userManagementAPI.js @@ -70,21 +70,27 @@ UserManagement.getProfile = function(req) { var api_server = req.query['api_server']; return new Promise(function(resolve, reject) { var response = {}; - var userId = req.session.userdata.username - response['data'] = { - userId: userId, - projectId: req.session.projectId - }; - UserManagement.getUserInfo(req, userId).then(function(result) { - response.statusCode = constants.HTTP_RESPONSE_CODES.SUCCESS.OK; - response.data.data =result.data - resolve(response); - }, function(error) { - console.log('Error retrieving getUserInfo'); + try { + var userId = req.session.userdata.username + response['data'] = { + userId: userId, + projectId: req.session.projectId + }; + UserManagement.getUserInfo(req, userId).then(function(result) { + response.statusCode = constants.HTTP_RESPONSE_CODES.SUCCESS.OK; + response.data.data = result.data + resolve(response); + }, function(error) { + console.log('Error retrieving getUserInfo'); + response.statusCode = constants.HTTP_RESPONSE_CODES.ERROR.INTERNAL_SERVER_ERROR; + reject(response); + }) + } catch (e) { + response.data.data = e; response.statusCode = constants.HTTP_RESPONSE_CODES.ERROR.INTERNAL_SERVER_ERROR; reject(response); - }) - + reject() + } }); }; UserManagement.getUserInfo = function(req, userId, domain) { diff --git a/skyquake/framework/core/modules/routes/navigation.js b/skyquake/framework/core/modules/routes/navigation.js index afffb20b8..3f460e6ee 100644 --- a/skyquake/framework/core/modules/routes/navigation.js +++ b/skyquake/framework/core/modules/routes/navigation.js @@ -42,12 +42,27 @@ Router.get('/login.html', cors(), function(req, res) { res.end(); }); -Router.get('/', cors(), function(req, res) { +Router.use(/^\/(?!session).*/, function(req, res, next) { var api_server = req.query['api_server'] || (req.protocol + '://' + configurationAPI.globalConfiguration.get().api_server); if (req.session && req.session.loggedIn) { - console.log('Logged in. Redirect to launchpad'); - if(req.params.referer) { - res.redirect(req.params.referer); + next(); + } else { + console.log('Redirect to login.html'); + res.redirect('/login.html?api_server=' + api_server + '&upload_server=' + req.protocol + '://' + (configurationAPI.globalConfiguration.get().upload_server || req.hostname) + '&referer=' + encodeURIComponent(req.headers.referer)); + } +}); + +Router.use(function(req, res, next) { + var api_server = req.query['api_server'] || (req.protocol + '://' + configurationAPI.globalConfiguration.get().api_server); + if (req.session.redirect) { + req.session.redirect = false; + req.session.save(function(err) { + if (err) { + console.log('Error saving session to store', err); + } + }); + if(req.query.referer && (req.query.referer != "undefined")) { + res.redirect(decodeURIComponent(req.query.referer)); } else { if(req.session.isLCM) { res.redirect('/launchpad/?api_server=' + api_server + '&upload_server=' + req.protocol + '://' + (configurationAPI.globalConfiguration.get().upload_server || req.hostname)); @@ -56,8 +71,7 @@ Router.get('/', cors(), function(req, res) { } } } else { - console.log('Redirect to login.html'); - res.redirect('login.html?api_server=' + api_server + '&upload_server=' + req.protocol + '://' + (configurationAPI.globalConfiguration.get().upload_server || req.hostname) + '&referer=' + req.headers.referer); + next(); } }); diff --git a/skyquake/framework/core/views/login.html b/skyquake/framework/core/views/login.html index 404b21e50..9089328bb 100644 --- a/skyquake/framework/core/views/login.html +++ b/skyquake/framework/core/views/login.html @@ -75,6 +75,7 @@ $(document).ready(function() { var username; var pass; var api_server = getSearchParams(window.location).api_server; + var referer = getSearchParams(window.location).referer; $('#submit').click(function() { username=$('#username').val(); pass=$('#password').val(); @@ -89,7 +90,7 @@ $(document).ready(function() { password: pass }, success: function(data) { - window.location.href='/?api_server=' + api_server; + window.location.href='/?api_server=' + api_server + '&referer=' + referer; } }); });