From: Laurence Maultsby <laurence.maultsby@riftio.com>
Date: Thu, 27 Apr 2017 17:58:59 +0000 (-0400)
Subject: Session manager modified to catch all requests. Login redirect fix
X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FUI.git;a=commitdiff_plain;h=35a47d156c0d1b62567ffd4380141b31568d426c

Session manager modified to catch all requests. Login redirect fix

Signed-off-by: Laurence Maultsby <laurence.maultsby@riftio.com>
---

diff --git a/skyquake/framework/core/api_utils/utils.js b/skyquake/framework/core/api_utils/utils.js
index 3a509646a..667e7a9b0 100644
--- a/skyquake/framework/core/api_utils/utils.js
+++ b/skyquake/framework/core/api_utils/utils.js
@@ -196,6 +196,9 @@ if (process.env.LOG_REQUESTS) {
  * @param {Function} res - a handle to the express response function
  */
 var sendErrorResponse = function(error, res) {
+	if (!error.statusCode) {
+		console.error('Status Code has not been set in error object: ', error);
+	}
 	res.status(error.statusCode);
 	res.send(error);
 }
diff --git a/skyquake/framework/core/modules/api/sessions.js b/skyquake/framework/core/modules/api/sessions.js
index 9736f8803..0c6709161 100644
--- a/skyquake/framework/core/modules/api/sessions.js
+++ b/skyquake/framework/core/modules/api/sessions.js
@@ -46,7 +46,7 @@ function logAndRedirectToLogin(mesg, res, req) {
     var api_server = req.query['api_server'] || (req.protocol + '://' + configurationAPI.globalConfiguration.get().api_server);
     var upload_server = req.protocol + '://' + (configurationAPI.globalConfiguration.get().upload_server || req.hostname);
     console.log(mesg);
-    res.redirect('login.html?api_server=' + api_server + '&upload_server=' + upload_server + '&referer=' + req.headers.referer);
+    res.redirect('login.html?api_server=' + api_server + '&upload_server=' + upload_server + '&referer=' + encodeURIComponent(req.headers.referer));
     res.end();
 }
 
@@ -124,6 +124,7 @@ sessionsAPI.create = function(req, res) {
                 username: username,
                 // project: req.session.projectId
             };
+            req.session.redirect = true;
             var successMsg = 'User => ' + username + ' successfully logged in.';
             successMsg += req.session.projectId ? 'Project => ' + req.session.projectId + ' set as default.' : '';
 
diff --git a/skyquake/framework/core/modules/api/userManagementAPI.js b/skyquake/framework/core/modules/api/userManagementAPI.js
index b0b8ad501..b2f55c36f 100644
--- a/skyquake/framework/core/modules/api/userManagementAPI.js
+++ b/skyquake/framework/core/modules/api/userManagementAPI.js
@@ -70,21 +70,27 @@ UserManagement.getProfile = function(req) {
     var api_server = req.query['api_server'];
     return new Promise(function(resolve, reject) {
         var response = {};
-        var userId = req.session.userdata.username
-        response['data'] = {
-            userId: userId,
-            projectId: req.session.projectId
-        };
-        UserManagement.getUserInfo(req, userId).then(function(result) {
-            response.statusCode = constants.HTTP_RESPONSE_CODES.SUCCESS.OK;
-            response.data.data =result.data
-            resolve(response);
-        }, function(error) {
-            console.log('Error retrieving getUserInfo');
+        try {
+            var userId = req.session.userdata.username
+            response['data'] = {
+                userId: userId,
+                projectId: req.session.projectId
+            };
+            UserManagement.getUserInfo(req, userId).then(function(result) {
+                response.statusCode = constants.HTTP_RESPONSE_CODES.SUCCESS.OK;
+                response.data.data = result.data
+                resolve(response);
+            }, function(error) {
+                console.log('Error retrieving getUserInfo');
+                response.statusCode = constants.HTTP_RESPONSE_CODES.ERROR.INTERNAL_SERVER_ERROR;
+                reject(response);
+            })
+        } catch (e) {
+            response.data.data = e;
             response.statusCode = constants.HTTP_RESPONSE_CODES.ERROR.INTERNAL_SERVER_ERROR;
             reject(response);
-        })
-
+            reject()
+        }
     });
 };
 UserManagement.getUserInfo = function(req, userId, domain) {
diff --git a/skyquake/framework/core/modules/routes/navigation.js b/skyquake/framework/core/modules/routes/navigation.js
index afffb20b8..3f460e6ee 100644
--- a/skyquake/framework/core/modules/routes/navigation.js
+++ b/skyquake/framework/core/modules/routes/navigation.js
@@ -42,12 +42,27 @@ Router.get('/login.html', cors(), function(req, res) {
 	res.end();
 });
 
-Router.get('/', cors(), function(req, res) {
+Router.use(/^\/(?!session).*/, function(req, res, next) {
 	var api_server = req.query['api_server'] || (req.protocol + '://' + configurationAPI.globalConfiguration.get().api_server);
 	if (req.session && req.session.loggedIn) {
-		console.log('Logged in. Redirect to launchpad');
-		if(req.params.referer) {
-			res.redirect(req.params.referer);
+		next();
+	} else {
+		console.log('Redirect to login.html');
+		res.redirect('/login.html?api_server=' + api_server + '&upload_server=' + req.protocol + '://' + (configurationAPI.globalConfiguration.get().upload_server || req.hostname)  + '&referer=' + encodeURIComponent(req.headers.referer));
+	}
+});
+
+Router.use(function(req, res, next) {
+	var api_server = req.query['api_server'] || (req.protocol + '://' + configurationAPI.globalConfiguration.get().api_server);
+	if (req.session.redirect) {
+		req.session.redirect = false;
+        req.session.save(function(err) {
+            if (err) {
+                console.log('Error saving session to store', err);
+            }
+        });
+		if(req.query.referer && (req.query.referer != "undefined")) {
+			res.redirect(decodeURIComponent(req.query.referer));
 		}  else {
 			if(req.session.isLCM) {
 				res.redirect('/launchpad/?api_server=' + api_server + '&upload_server=' + req.protocol + '://' + (configurationAPI.globalConfiguration.get().upload_server || req.hostname));
@@ -56,8 +71,7 @@ Router.get('/', cors(), function(req, res) {
 			}
 		}
 	} else {
-		console.log('Redirect to login.html');
-		res.redirect('login.html?api_server=' + api_server + '&upload_server=' + req.protocol + '://' + (configurationAPI.globalConfiguration.get().upload_server || req.hostname)  + '&referer=' + req.headers.referer);
+		next();
 	}
 });
 
diff --git a/skyquake/framework/core/views/login.html b/skyquake/framework/core/views/login.html
index 404b21e50..9089328bb 100644
--- a/skyquake/framework/core/views/login.html
+++ b/skyquake/framework/core/views/login.html
@@ -75,6 +75,7 @@ $(document).ready(function() {
     var username;
     var pass;
     var api_server = getSearchParams(window.location).api_server;
+    var referer = getSearchParams(window.location).referer;
     $('#submit').click(function() {
         username=$('#username').val();
         pass=$('#password').val();
@@ -89,7 +90,7 @@ $(document).ready(function() {
                 password: pass
             },
             success: function(data) {
-                window.location.href='/?api_server=' + api_server;
+                window.location.href='/?api_server=' + api_server + '&referer=' + referer;
             }
         });
     });