From 6aba3ec9a81935ff12e11306a0e9091f9b1c4f44 Mon Sep 17 00:00:00 2001
From: Keith Irwin
Date: Mon, 22 Jan 2018 22:05:02 +0000
Subject: [PATCH] Removed buggy login/-out redirects
---
 CHANGELOG.md | 1 +
 README.md | 1 +
 config/passport.js | 5 ++---
 config/routes/auth.js | 7 ++++---
 config/routes/contact.js | 2 +-
 config/routes/settings.js | 4 ++--
 server.js | 11 -----------
 test/auth.js | 2 +-
 8 files changed, 12 insertions(+), 21 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d6d3975..e9fd89c 100755
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,7 @@
 # Tracman Server Changelog
 ###### v0.8.0
+* Removed buggy login/-out redirects
 * [#111](https://github.com/Tracman-org/Server/issues/111) Implemented service worker
 * [#116](https://github.com/Tracman-org/Server/issues/116) Switched promises for async/await
 * [#64](https://github.com/Tracman-org/Server/issues/64) Started using promises in model methods
diff --git a/README.md b/README.md
index 66abf37..babad1d 100755
--- a/README.md
+++ b/README.md
@@ -56,6 +56,7 @@ Tracman will be updated according to [this branching model](http://nvie.com/post
 [view full changelog](CHANGELOG.md)
 #### v0.8.0
+* Removed buggy login/-out redirects
 * [#111](https://github.com/Tracman-org/Server/issues/111) Implemented service worker
 * [#116](https://github.com/Tracman-org/Server/issues/116) Switched promises for async/await
 * [#64](https://github.com/Tracman-org/Server/issues/64) Started using promises in model methods
diff --git a/config/passport.js b/config/passport.js
index 52c2d94..e8269b4 100755
--- a/config/passport.js
+++ b/config/passport.js
@@ -38,7 +38,6 @@ module.exports = (passport) => {
 // No user with that email
 if (!user) {
 debug(`No user with that email`)
- req.session.next = undefined
 return done(null, false, req.flash('warning', 'Incorrect email or password.'))
 // User exists
@@ -51,11 +50,11 @@ module.exports = (passport) => {
 // Password incorrect
 if (!res) {
 debug(`Incorrect password`)
- req.session.next = undefined
 return done(null, false, req.flash('warning', 'Incorrect email or password.'))
 // Successful login
 } else {
+ if (!user.lastLogin) req.forNewUser = true
 user.lastLogin = Date.now()
 user.save()
 return done(null, user)
@@ -87,7 +86,7 @@ module.exports = (passport) => {
 if (service === 'google') {
 try {
 let user = await User.findOne({ 'googleID': parseInt(profileId, 10) })
-
+
 // User exists with old schema
 if (user) {
 debug(`User ${user.id} exists with old schema. Lazily updating...`)
diff --git a/config/routes/auth.js b/config/routes/auth.js
index 18f156c..be925cd 100755
--- a/config/routes/auth.js
+++ b/config/routes/auth.js
@@ -17,11 +17,11 @@ module.exports = (app, passport) => {
 failureFlash: true
 }
 const loginCallback = (req, res) => {
- debug(`Login callback called... redirecting to ${req.session.next}`)
+ debug(`Logged in... redirecting to /map`)
 req.flash(req.session.flashType, req.session.flashMessage)
 req.session.flashType = undefined
 req.session.flashMessage = undefined
- res.redirect(req.session.next || '/map')
+ res.redirect('/map'+(req.forNewUser)?'/map?new=1':'')
 }
 const appLoginCallback = (req, res, next) => {
 debug('appLoginCallback called.')
@@ -44,8 +44,9 @@ module.exports = (app, passport) => {
 .post(passport.authenticate('local', loginOutcome), loginCallback)
 app.get('/logout', (req, res) => {
 req.logout()
+ debug(`Logged out, redirecting to /`)
 req.flash('success', `You have been logged out.`)
- res.redirect(req.session.next || '/')
+ res.redirect( '/')
 })
 // Signup
diff --git a/config/routes/contact.js b/config/routes/contact.js
index 63d3a92..53b663b 100755
--- a/config/routes/contact.js
+++ b/config/routes/contact.js
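Review bot: The added `req.forNewUser` flag in the successful-login branch is derived from `user.lastLogin`, but the `user.save()` two lines below it has no rejection handling. If `save()` returns a promise, as the `await User.findOne(...)` elsewhere in this file suggests, a failed write leaves `lastLogin` unset, the account is treated as new on every later login, and the rejection goes unhandled. Handle the result, for example `user.save().catch((err) => debug('Could not save lastLogin', err))`, or await it if the enclosing callback is async, which this hunk does not show. The one-line `if` would also read better with braces: `if (!user.lastLogin) { req.forNewUser = true }`. The enclosing strategy callback starts and ends outside the hunk.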
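Review bot: The new redirect in `loginCallback`, `res.redirect('/map'+(req.forNewUser)?'/map?new=1':'')`, does not do what the debug line above it says. `+` binds tighter than `?:`, so the condition is the always-truthy string `'/map' + req.forNewUser` and every login is sent to `/map?new=1`. Parenthesising the ternary alone would yield `/map/map?new=1` for new users, so write both targets out: `res.redirect(req.forNewUser ? '/map?new=1' : '/map')`. Keeping both targets as fixed literals also preserves what this commit gains by no longer redirecting to the request-derived `req.session.next`.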
@@ -65,7 +65,7 @@ module.exports = router
 text: req.body.message
 })
 req.flash('success', `Your message has been sent. `)
- res.redirect(req.session.next || '/')
+ res.redirect('/')
 } catch (err) {
 mw.throwErr(err, req)
 res.redirect('/contact')
diff --git a/config/routes/settings.js b/config/routes/settings.js
index 9800e3b..89e3b3d 100755
--- a/config/routes/settings.js
+++ b/config/routes/settings.js
@@ -174,7 +174,7 @@ router.get('/email/:token', mw.ensureAuth, async (req, res, next) => {
 } catch (err) {
 mw.throwErr(err, req)
- res.redirect(req.session.next || '/settings')
+ res.redirect('/settings')
 }
 // Invalid token
@@ -296,7 +296,7 @@ router.route('/password/:token')
 } else {
 debug('New user created password')
 req.flash('success', 'Password set. You can use it to log in now. ')
- res.redirect('/login?next=/map?new=1')
+ res.redirect('/login')
 }
 } catch (err) {
diff --git a/server.js b/server.js
index 6f1dd60..5a74f86 100755
--- a/server.js
+++ b/server.js
@@ -82,17 +82,6 @@ let ready_promise_list = []
 // Default locals available to all views (keep this after static files)
 app.get('*', (req, res, next) => {
- // Path for redirects
- let nextPath = (
- (req.query.next) ? req.query.next
- : req.path.substring(0, req.path.indexOf('#')) || req.path)
- if (
- nextPath.substring(0, 6) !== '/login'||'/admin' &&
- nextPath.substring(0, 7) !== 'signup'||'/logout'||'/static'
- ) {
- req.session.next = nextPath + '#'
- debug(`Set redirect path to ${nextPath}#`)
- }
 // User account
 res.locals.user = req.user
diff --git a/test/auth.js b/test/auth.js
index 325bc22..125007d 100755
--- a/test/auth.js
+++ b/test/auth.js
@@ -109,7 +109,7 @@ describe('Authentication', () => {
 .type('form').send({ 'password':TEST_PASSWORD })
 // Expect redirect
- chai.expect(res).to.redirectTo('/login?next=/map?new=1')
+ chai.expect(res).to.redirectTo('/login')
 // Retrieve user with password saved
 let passworded_user = await User.findOne({'email':TEST_EMAIL} )
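Review bot: The only assertion updated in the test/auth.js hunk is the post-password redirect to `/login`; nothing here checks where a successful login lands. That is the behaviour this commit changes in `loginCallback` and in the removed `req.query.next` handling in server.js. If the suite does not already cover it outside this hunk, add a case that logs in with a `next` query parameter present and asserts the fixed target, e.g. `chai.expect(res).to.redirectTo('/map')`, plus one for a first login expecting `/map?new=1`. That pins the redirect to server-chosen paths and would catch a regression that lets a request-supplied value steer it again. The enclosing test starts and ends outside the hunk.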