Removed buggy login/-out redirects

2018-01-22 22:05:02 +00:00 · 2018-01-22 22:05:02 +00:00 · 6aba3ec9a8
parent e249d44cae
commit 6aba3ec9a8
8 changed files with 12 additions and 21 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,6 +1,7 @@
 # Tracman Server Changelog

 ###### v0.8.0
+* Removed buggy login/-out redirects
 * [#111](https://github.com/Tracman-org/Server/issues/111) Implemented service worker
 * [#116](https://github.com/Tracman-org/Server/issues/116) Switched promises for async/await
 * [#64](https://github.com/Tracman-org/Server/issues/64) Started using promises in model methods
--- a/README.md
+++ b/README.md
@ -56,6 +56,7 @@ Tracman will be updated according to [this branching model](http://nvie.com/post
 [view full changelog](CHANGELOG.md)

 #### v0.8.0
+* Removed buggy login/-out redirects
 * [#111](https://github.com/Tracman-org/Server/issues/111) Implemented service worker
 * [#116](https://github.com/Tracman-org/Server/issues/116) Switched promises for async/await
 * [#64](https://github.com/Tracman-org/Server/issues/64) Started using promises in model methods
--- a/config/passport.js
+++ b/config/passport.js
@ -38,7 +38,6 @@ module.exports = (passport) => {
      // No user with that email
      if (!user) {
        debug(`No user with that email`)
-        req.session.next = undefined
        return done(null, false, req.flash('warning', 'Incorrect email or password.'))

      // User exists
@ -51,11 +50,11 @@ module.exports = (passport) => {
        // Password incorrect
        if (!res) {
          debug(`Incorrect password`)
-          req.session.next = undefined
          return done(null, false, req.flash('warning', 'Incorrect email or password.'))

        // Successful login
        } else {
+          if (!user.lastLogin) req.forNewUser = true
          user.lastLogin = Date.now()
          user.save()
          return done(null, user)
@ -87,7 +86,7 @@ module.exports = (passport) => {
          if (service === 'google') {
            try {
              let user = await User.findOne({ 'googleID': parseInt(profileId, 10) })
-              
+
              // User exists with old schema
              if (user) {
                debug(`User ${user.id} exists with old schema.  Lazily updating...`)
--- a/config/routes/auth.js
+++ b/config/routes/auth.js
@ -17,11 +17,11 @@ module.exports = (app, passport) => {
    failureFlash: true
  }
  const loginCallback = (req, res) => {
-    debug(`Login callback called... redirecting to ${req.session.next}`)
+    debug(`Logged in... redirecting to /map`)
    req.flash(req.session.flashType, req.session.flashMessage)
    req.session.flashType = undefined
    req.session.flashMessage = undefined
-    res.redirect(req.session.next || '/map')
+    res.redirect('/map'+(req.forNewUser)?'/map?new=1':'')
  }
  const appLoginCallback = (req, res, next) => {
    debug('appLoginCallback called.')
@ -44,8 +44,9 @@ module.exports = (app, passport) => {
    .post(passport.authenticate('local', loginOutcome), loginCallback)
  app.get('/logout', (req, res) => {
    req.logout()
+    debug(`Logged out, redirecting to /`)
    req.flash('success', `You have been logged out.`)
-    res.redirect(req.session.next || '/')
+    res.redirect( '/')
  })

  // Signup
--- a/config/routes/contact.js
+++ b/config/routes/contact.js
@ -65,7 +65,7 @@ module.exports = router
              text: req.body.message
            })
            req.flash('success', `Your message has been sent. `)
-            res.redirect(req.session.next || '/')
+            res.redirect('/')
          } catch (err) {
            mw.throwErr(err, req)
            res.redirect('/contact')
--- a/config/routes/settings.js
+++ b/config/routes/settings.js
@ -174,7 +174,7 @@ router.get('/email/:token', mw.ensureAuth, async (req, res, next) => {

    } catch (err) {
      mw.throwErr(err, req)
-      res.redirect(req.session.next || '/settings')
+      res.redirect('/settings')
    }

  // Invalid token
@ -296,7 +296,7 @@ router.route('/password/:token')
        } else {
          debug('New user created password')
          req.flash('success', 'Password set.  You can use it to log in now. ')
-          res.redirect('/login?next=/map?new=1')
+          res.redirect('/login')
        }

      } catch (err) {
--- a/server.js
+++ b/server.js
@ -82,17 +82,6 @@ let ready_promise_list = []

  // Default locals available to all views (keep this after static files)
  app.get('*', (req, res, next) => {
-    // Path for redirects
-    let nextPath = (
-      (req.query.next) ? req.query.next
-      : req.path.substring(0, req.path.indexOf('#')) || req.path)
-    if (
-      nextPath.substring(0, 6) !== '/login'||'/admin' &&
-      nextPath.substring(0, 7) !== 'signup'||'/logout'||'/static'
-    ) {
-      req.session.next = nextPath + '#'
-      debug(`Set redirect path to ${nextPath}#`)
-    }

    // User account
    res.locals.user = req.user
--- a/test/auth.js
+++ b/test/auth.js
@ -109,7 +109,7 @@ describe('Authentication', () => {
          .type('form').send({ 'password':TEST_PASSWORD })

        // Expect redirect
-        chai.expect(res).to.redirectTo('/login?next=/map?new=1')
+        chai.expect(res).to.redirectTo('/login')

        // Retrieve user with password saved
        let passworded_user = await User.findOne({'email':TEST_EMAIL} )