set resource session as base domain cookie
@@ -22,4 +22,12 @@ export const internal = axios.create({
|
||||
},
|
||||
});
|
||||
|
||||
export const priv = axios.create({
|
||||
baseURL: `http://localhost:${process.env.SERVER_INTERNAL_PORT}/api/v1`,
|
||||
timeout: 10000,
|
||||
headers: {
|
||||
"Content-Type": "application/json",
|
||||
},
|
||||
});
|
||||
|
||||
export default api;
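Review bot: The new `priv` client builds its `baseURL` from `process.env.SERVER_INTERNAL_PORT` without any check, so an unset variable silently produces `http://localhost:undefined/api/v1`, and nothing on the export says where it may be used. Since it targets localhost it is presumably meant for server-side code only; a comment above `export const priv` such as `// server-only: calls the internal API on localhost, do not import from client components` would make that boundary explicit. Whether the internal API applies its own authentication is not visible on this page and is worth confirming before more callers adopt this client.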
|
||||
|
||||
@@ -124,7 +124,7 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) {
|
||||
return (
|
||||
<div className="flex items-center">
|
||||
<Link
|
||||
href={`https://${resourceRow.domain}`}
|
||||
href={resourceRow.domain}
|
||||
target="_blank"
|
||||
rel="noopener noreferrer"
|
||||
className="hover:underline mr-2"
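Review bot: With the hard-coded `https://` prefix gone from the `href` on this `Link`, the scheme of the target is whatever string arrives in `resourceRow.domain`. A bare hostname would now render as a relative path, and a value carrying some other scheme would be rendered as a clickable link unchanged. The server-side change that presumably turns `domain` into a full URL is not in view, so a guard at render time, e.g. `const href = /^https?:\/\//i.test(resourceRow.domain) ? resourceRow.domain : "https://" + resourceRow.domain;`, keeps the link well-formed either way. The JSX element continues past the end of the hunk.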
|
||||
|
||||
@@ -63,7 +63,6 @@ type ResourceAuthPortalProps = {
|
||||
id: number;
|
||||
};
|
||||
redirect: string;
|
||||
queryParamName: string;
|
||||
};
|
||||
|
||||
export default function ResourceAuthPortal(props: ResourceAuthPortalProps) {
|
||||
@@ -114,10 +113,8 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) {
|
||||
},
|
||||
});
|
||||
|
||||
function constructRedirect(redirect: string, token: string): string {
|
||||
function constructRedirect(redirect: string): string {
|
||||
const redirectUrl = new URL(redirect);
|
||||
redirectUrl.searchParams.delete(props.queryParamName);
|
||||
redirectUrl.searchParams.append(props.queryParamName, token);
|
||||
return redirectUrl.toString();
|
||||
}
|
||||
|
||||
@@ -130,10 +127,9 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) {
|
||||
.then((res) => {
|
||||
const session = res.data.data.session;
|
||||
if (session) {
|
||||
window.location.href = constructRedirect(
|
||||
props.redirect,
|
||||
session,
|
||||
);
|
||||
const url = constructRedirect(props.redirect);
|
||||
console.log(url);
|
||||
window.location.href = url;
|
||||
}
|
||||
})
|
||||
.catch((e) => {
|
||||
@@ -156,10 +152,7 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) {
|
||||
.then((res) => {
|
||||
const session = res.data.data.session;
|
||||
if (session) {
|
||||
window.location.href = constructRedirect(
|
||||
props.redirect,
|
||||
session,
|
||||
);
|
||||
window.location.href = constructRedirect(props.redirect);
|
||||
}
|
||||
})
|
||||
.catch((e) => {
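Review bot: `constructRedirect` now amounts to `new URL(redirect).toString()`, which accepts any scheme and any host, and both `.then` handlers assign its result straight to `window.location.href`. The page component fills this prop from `searchParams.redirect` when that is present, so the value is caller-supplied: a non-HTTP scheme such as `javascript:` would execute in the portal's origin, and an unrelated host makes the portal an open redirect. Validating the parsed URL before returning it, e.g. `if (!["http:", "https:"].includes(redirectUrl.protocol)) throw new Error("invalid redirect");` plus a host comparison against the resource's own domain, closes both, and the same check belongs on the server-side `redirect(redirectUrl)` calls in `ResourceAuthPage`. The `console.log(url);` in the first handler looks like leftover debugging and should be removed.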
|
||||
|
||||
@@ -3,7 +3,7 @@ import {
|
||||
GetResourceResponse,
|
||||
} from "@server/routers/resource";
|
||||
import ResourceAuthPortal from "./components/ResourceAuthPortal";
|
||||
import { internal } from "@app/api";
|
||||
import { internal, priv } from "@app/api";
|
||||
import { AxiosResponse } from "axios";
|
||||
import { authCookieHeader } from "@app/api/cookies";
|
||||
import { cache } from "react";
|
||||
@@ -11,10 +11,12 @@ import { verifySession } from "@app/lib/auth/verifySession";
|
||||
import { redirect } from "next/navigation";
|
||||
import ResourceNotFound from "./components/ResourceNotFound";
|
||||
import ResourceAccessDenied from "./components/ResourceAccessDenied";
|
||||
import { cookies } from "next/headers";
|
||||
import { CheckResourceSessionResponse } from "@server/routers/auth";
|
||||
|
||||
export default async function ResourceAuthPage(props: {
|
||||
params: Promise<{ resourceId: number }>;
|
||||
searchParams: Promise<{ redirect: string }>;
|
||||
searchParams: Promise<{ redirect: string | undefined }>;
|
||||
}) {
|
||||
const params = await props.params;
|
||||
const searchParams = await props.searchParams;
|
||||
@@ -46,6 +48,32 @@ export default async function ResourceAuthPage(props: {
|
||||
|
||||
const redirectUrl = searchParams.redirect || authInfo.url;
|
||||
|
||||
const allCookies = await cookies();
|
||||
const cookieName =
|
||||
process.env.RESOURCE_SESSION_COOKIE_NAME + `_${params.resourceId}`;
|
||||
const sessionId = allCookies.get(cookieName)?.value ?? null;
|
||||
|
||||
if (sessionId) {
|
||||
let doRedirect = false;
|
||||
try {
|
||||
const res = await priv.get<
|
||||
AxiosResponse<CheckResourceSessionResponse>
|
||||
>(`/resource-session/${params.resourceId}/${sessionId}`);
|
||||
|
||||
console.log("resource session already exists and is valid");
|
||||
|
||||
if (res && res.data.data.valid) {
|
||||
doRedirect = true;
|
||||
}
|
||||
} catch (e) {
|
||||
console.error(e);
|
||||
}
|
||||
|
||||
if (doRedirect) {
|
||||
redirect(redirectUrl);
|
||||
}
|
||||
}
|
||||
|
||||
if (!hasAuth) {
|
||||
// no authentication so always go straight to the resource
|
||||
redirect(redirectUrl);
|
||||
@@ -94,9 +122,6 @@ export default async function ResourceAuthPage(props: {
|
||||
id: authInfo.resourceId,
|
||||
}}
|
||||
redirect={redirectUrl}
|
||||
queryParamName={
|
||||
process.env.RESOURCE_SESSION_QUERY_PARAM_NAME!
|
||||
}
|
||||
/>
|
||||
</div>
|
||||
</>
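Review bot: The cookie value read into `sessionId` is interpolated unencoded into the path of the internal request, `/resource-session/${params.resourceId}/${sessionId}`, so a cookie containing `/`, `?` or `..` segments can change which internal route is requested. Encode both segments, `encodeURIComponent(String(params.resourceId))` and `encodeURIComponent(sessionId)`, or carry the session id in a header or body so it is also less likely to land in request logs. The `console.log("resource session already exists and is valid")` runs before `res.data.data.valid` is checked and should move inside that `if`. If `RESOURCE_SESSION_COOKIE_NAME` is unset the lookup name becomes `undefined_<resourceId>`, so a fail-fast check on the variable would be clearer. The function body starts and ends outside these hunks.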
|
||||
|
||||
@@ -8,6 +8,8 @@ export const metadata: Metadata = {
|
||||
description: "",
|
||||
};
|
||||
|
||||
export const dynamic = "force-dynamic";
|
||||
|
||||
export default async function SetupLayout({
|
||||
children,
|
||||
}: {
|
||||
|
||||