From: ArthurHoaro
Date: Thu, 3 Sep 2020 06:35:18 +0000 (+0200)
Subject: Merge pull request #1536 from ArthurHoaro/fix/login-private-shaarli
X-Git-Tag: v0.12.0-beta-1~29
X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=ca636b898ccd62fbef68048ea29e3f922de7429f;hp=14fcfb521341fd7619cab0301cef699cb42d2080;p=github%2Fshaarli%2FShaarli.git
Merge pull request #1536 from ArthurHoaro/fix/login-private-shaarli
Fix login loop for private instances
---
diff --git a/application/legacy/LegacyController.php b/application/legacy/LegacyController.php
index 26465d2c..e16dd0f4 100644
--- a/application/legacy/LegacyController.php
+++ b/application/legacy/LegacyController.php
@@ -40,28 +40,33 @@ class LegacyController extends ShaarliVisitorController public function post(Request $request, Response $response): Response { $parameters = count($request->getQueryParams()) > 0 ? '?' . http_build_query($request->getQueryParams()) : ''; + $route = '/admin/shaare'; if (!$this->container->loginManager->isLoggedIn()) { - return $this->redirect($response, '/login' . $parameters); + return $this->redirect($response, '/login?returnurl='. $this->getBasePath() . $route . $parameters); } - return $this->redirect($response, '/admin/shaare' . $parameters); + return $this->redirect($response, $route . $parameters); } /** Legacy route: ?addlink= */ protected function addlink(Request $request, Response $response): Response { + $route = '/admin/add-shaare'; + if (!$this->container->loginManager->isLoggedIn()) { - return $this->redirect($response, '/login'); + return $this->redirect($response, '/login?returnurl=' . $this->getBasePath() . $route); } - return $this->redirect($response, '/admin/add-shaare'); + return $this->redirect($response, $route); } /** Legacy route: ?do=login */ protected function login(Request $request, Response $response): Response { - return $this->redirect($response, '/login'); + $returnUrl = $request->getQueryParam('returnurl'); + + return $this->redirect($response, '/login' . ($returnUrl ? '?returnurl=' . $returnUrl : '')); } /** Legacy route: ?do=logout */ 
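Review bot: The `returnurl` value is appended to `/login?returnurl=` without URL-encoding in `post()`, `addlink()` and `login()`, and again in `configure()` in the next hunk. In `post()` the value carries its own `?` and, with more than one legacy parameter, `&`, so everything after the first `&` would reach `/login` as separate query parameters and be lost from the return target. `'/login?returnurl=' . urlencode($this->getBasePath() . $route . $parameters)` keeps it intact, with the test expectations updated to match. `login()` forwards a request-supplied `returnurl` unchanged, so it should be encoded as well (`'?returnurl=' . urlencode($returnUrl)`). The `/login` handler is not in this diff; it is worth confirming that it accepts only local paths, so the parameter cannot be used as an open redirect.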
@@ -127,4 +132,21 @@ class LegacyController extends ShaarliVisitorController return $this->redirect($response, '/feed/' . $feedType . $parameters); } + + /** Legacy route: ?do=configure */ + protected function configure(Request $request, Response $response): Response + { + $route = '/admin/configure'; + + if (!$this->container->loginManager->isLoggedIn()) { + return $this->redirect($response, '/login?returnurl=' . $this->getBasePath() . $route); + } + + return $this->redirect($response, $route); + } + + protected function getBasePath(): string + { + return $this->container->basePath ?: ''; + } } diff --git a/assets/default/js/base.js b/assets/default/js/base.js index 0f29799d..27938823 100644 --- a/assets/default/js/base.js +++ b/assets/default/js/base.js @@ -25,16 +25,18 @@ function findParent(element, tagName, attributes) { /** * Ajax request to refresh the CSRF token. */ -function refreshToken(basePath) { - console.log('refresh'); +function refreshToken(basePath, callback) { const xhr = new XMLHttpRequest(); xhr.open('GET', `${basePath}/admin/token`); xhr.onload = () => { const elements = document.querySelectorAll('input[name="token"]'); [...elements].forEach((element) => { - console.log(element); element.setAttribute('value', xhr.responseText); }); + + if (callback) { + callback(xhr.response); + } }; xhr.send(); } @@ -622,4 +624,15 @@ function init(description) { [...autocompleteFields].forEach((autocompleteField) => { awesomepletes.push(createAwesompleteInstance(autocompleteField)); }); + + const exportForm = document.querySelector('#exportform'); + if (exportForm != null) { + exportForm.addEventListener('submit', (event) => { + event.preventDefault(); + + refreshToken(basePath, () => { + event.target.submit(); + }); + }); + } })(); diff --git a/tests/legacy/LegacyControllerTest.php b/tests/legacy/LegacyControllerTest.php index 759a5b2a..4e52f3e1 100644 --- a/tests/legacy/LegacyControllerTest.php +++ b/tests/legacy/LegacyControllerTest.php 
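Review bot: `getBasePath()` is the only method added here without a docblock, and its `?:` fallback is left unexplained. A one-line comment such as `/** Base path of the instance taken from the container, or an empty string when it is unset or empty. */` would cover it. `configure()` also repeats the logged-in check and `returnurl` construction already written out in `post()` and `addlink()`; a shared private helper taking `$route` would keep that logic, and any encoding of the return URL, in one place.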
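Review bot: `xhr.onload` in `refreshToken()` runs for any completed response, so a non-200 reply (for example an error page or an expired session) is written into every `input[name="token"]` and the callback still fires; there is also no `xhr.onerror`. The new `#exportform` handler in the following hunk calls `event.preventDefault()` and submits only from the callback, so a network failure leaves the export silently doing nothing. Guarding the token update with `if (xhr.status === 200) { … }` and adding an `xhr.onerror` that reports the failure would cover both cases. The callback receives `xhr.response` while the inputs are filled from `xhr.responseText`; using one of them consistently would be clearer. The enclosing functions of both hunks continue outside the visible lines.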
@@ -66,11 +66,11 @@ class LegacyControllerTest extends TestCase { return [ ['post', [], '/admin/shaare', true], - ['post', [], '/login', false], + ['post', [], '/login?returnurl=/subfolder/admin/shaare', false], ['post', ['title' => 'test'], '/admin/shaare?title=test', true], - ['post', ['title' => 'test'], '/login?title=test', false], + ['post', ['title' => 'test'], '/login?returnurl=/subfolder/admin/shaare?title=test', false], ['addlink', [], '/admin/add-shaare', true], - ['addlink', [], '/login', false], + ['addlink', [], '/login?returnurl=/subfolder/admin/add-shaare', false], ['login', [], '/login', true], ['login', [], '/login', false], ['logout', [], '/admin/logout', true], @@ -94,6 +94,8 @@ class LegacyControllerTest extends TestCase ['opensearch', [], '/open-search', true], ['dailyrss', [], '/daily-rss', false], ['dailyrss', [], '/daily-rss', true], + ['configure', [], '/login?returnurl=/subfolder/admin/configure', false], + ['configure', [], '/admin/configure', true], ]; } }
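Review bot: The data provider adds no case for the new `returnurl` handling in the `login` route; both `login` rows still pass an empty parameter list. A row such as `['login', ['returnurl' => '/subfolder/admin/shaare'], '/login?returnurl=/subfolder/admin/shaare', false]` would cover it, assuming the test method (outside this hunk) feeds the second element to `getQueryParam()` as well as `getQueryParams()`. The `post` rows use at most one query parameter, so a two-parameter row would also show how an `&` inside the return URL is carried through the redirect.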