more robust oauth

2026-04-20 12:26:01 +00:00 · 2022-11-27 10:43:25 +01:00
parent b1ae7d53b9
commit d84adcca5d
5 changed files with 51 additions and 10 deletions
--- a/packages/web/src/clientAuth.ts
+++ b/packages/web/src/clientAuth.ts
@@ -21,9 +21,16 @@ export function handleOauthCallback() {
      code: sentCode,
      redirectUri: location.origin + location.pathname,
    }).then(authResp => {
-      const { accessToken } = authResp;
-      localStorage.setItem('accessToken', accessToken);
-      internalRedirectTo('/');
+      const { accessToken, error, errorMessage } = authResp;
+
+      if (accessToken) {
+        console.log('Settings access token from OAUTH');
+        localStorage.setItem('accessToken', accessToken);
+        internalRedirectTo('/');
+      } else {
+        console.log('Error when processing OAUTH callback', error || errorMessage);
+        internalRedirectTo(`/?page=not-logged&error=${error || errorMessage}`);
+      }
    });

    return true;
--- a/packages/web/src/commands/stdCommands.ts
+++ b/packages/web/src/commands/stdCommands.ts
@@ -36,6 +36,7 @@ import runCommand from './runCommand';
 import { openWebLink } from '../utility/exportFileTools';
 import { getSettings } from '../utility/metadataLoaders';
 import { isMac } from '../utility/common';
+import { internalRedirectTo } from '../clientAuth';

 // function themeCommand(theme: ThemeDefinition) {
 //   return {
@@ -549,7 +550,20 @@ registerCommand({
  name: 'Logout',
  testEnabled: () => getCurrentConfig()?.login != null,
  onClick: () => {
-    window.location.href = 'config/logout';
+    const config = getCurrentConfig();
+    if (config.oauth) {
+      localStorage.removeItem('accessToken');
+      if (config.oauthLogout) {
+        window.location.href = config.oauthLogout;
+      } else {
+        internalRedirectTo('/?page=not-logged');
+      }
+    } else if (config.isLoginForm) {
+      localStorage.removeItem('accessToken');
+      internalRedirectTo('/?page=not-logged');
+    } else {
+      window.location.href = 'config/logout';
+    }
  },
 });

--- a/packages/web/src/utility/api.ts
+++ b/packages/web/src/utility/api.ts
@@ -71,10 +71,15 @@ export async function apiCall(route: string, args: {} = undefined) {
    });

    if (resp.status == 401 && !apiDisabled) {
+      const params = new URLSearchParams(location.search);
+
      disableApi();
      console.log('Disabling API', route);
-      // unauthorized
-      redirectToLogin();
+      if (params.get('page') != 'login' && params.get('page') != 'not-logged') {
+        // unauthorized
+        redirectToLogin();
+      }
+      return;
    }

    const json = await resp.json();