Ylianst/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2024-11-22 12:52:50 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix oidc reauth #6132

Browse Source 
Signed-off-by: si458 <simonsmith5521@gmail.com>
This commit is contained in:
si458 2024-06-01 20:31:25 +01:00
parent 62199d8057
commit c67a76bcc2
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
webserver.js
View File

@ -2808,8 +2808,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
obj.parent.DispatchEvent(targets, obj, loginEvent);
parent.authLog('handleStrategyLogin', `${req.user.strategy.toUpperCase()}: LOGIN SUCCESS: USER: "${req.user.sid}"`);
}
} else if (req.session && req.session.userid && obj.users[req.session.userid]) {
parent.authLog('handleStrategyLogin', `User Already Authorised "${(req.session.passport && req.session.passport.user) ? req.session.passport.user : req.session.userid }"`);
} else {
parent.authLog('handleStrategyLogin', `LOGIN FAILED: NO USER: REQUEST CONTAINS NO USER OR SID`);
parent.authLog('handleStrategyLogin', `LOGIN FAILED: REQUEST CONTAINS NO USER OR SID`);
}
//res.redirect(domain.url); // This does not handle cookie correctly.
res.set('Content-Type', 'text/html');
@ -6782,7 +6784,12 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
obj.app.get(redirectPath, obj.bodyParser.urlencoded({ extended: false }), function (req, res, next) {
var domain = getDomain(req);
if (domain.passport == null) { next(); return; }
domain.passport.authenticate(`oidc-${domain.id}`, { failureRedirect: '/', failureFlash: true })(req, res, next);
if (req.session && req.session.userid) { next(); return; } // already logged in so dont authenticate just carry on
if (req.session && req.session['oidc-' + domain.id]) { // we have a request to login so do authenticate
domain.passport.authenticate(`oidc-${domain.id}`, { failureRedirect: '/', failureFlash: true })(req, res, next);
} else { // no idea so carry on
next(); return;
}
}, handleStrategyLogin);
}
@ -7423,7 +7430,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
// Create client and overwrite in options
let client = new issuer.Client(strategy.client)
strategy.options = Object.assign(strategy.options, { 'client': client });
strategy.options = Object.assign(strategy.options, { 'client': client, sessionKey: 'oidc-' + domain.id });
strategy.client = client.metadata
strategy.obj.client = client