fix(backend): set correct redirect cookie
Björn Urban committed Oct 11, 2023
1 parent 238b76f commit 0f77e24
Showing 2 changed files with 47 additions and 7 deletions.
8 changes: 5 additions & 3 deletions backend/cmd/kubevoyage/main.go
@@ -16,6 +16,8 @@ import (

var db *gorm.DB

var frontendPathLocal = "../frontend/public" //./public

type loggingResponseWriter struct {
http.ResponseWriter
statusCode int
@@ -78,15 +80,15 @@ func setupServer(handle *handlers.Handler) http.Handler {
handler := cors.Default().Handler(mux)

// Serve static files
fs := http.FileServer(http.Dir("./public/")) // Adjust the path based on your directory structure
fs := http.FileServer(http.Dir(frontendPathLocal)) // Adjust the path based on your directory structure
mux.Handle("/", logMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Check if it's an API route first
if isAPIRoute(r.URL.Path) {
// Handle API routes separately
return
}

path := "./public" + r.URL.Path
path := frontendPathLocal + r.URL.Path
absolutePath, err := filepath.Abs(path)
if err != nil {
fmt.Println("Error getting absolute path:", err)
@@ -103,7 +105,7 @@ func setupServer(handle *handlers.Handler) http.Handler {
log.Println(err)
}
// Otherwise, serve index.html
http.ServeFile(w, r, "./public/index.html")
http.ServeFile(w, r, frontendPathLocal+"/index.html")
})))

mux.Handle("/api/requests", logMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
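Review bot: `path := frontendPathLocal + r.URL.Path` builds a filesystem path by string concatenation from the request path, and `filepath.Abs` then resolves any `..` segments, so nothing in the visible code keeps the result under the frontend directory; it relies on whatever normalisation happened before the handler ran. What the handler does with `absolutePath` is collapsed on this page, so the impact is unclear, but rooting the request path first is cheap: `path := filepath.Join(frontendPathLocal, filepath.Clean("/"+r.URL.Path))`. Separately, the new default `"../frontend/public"` (with `./public` left in a trailing comment) is resolved against the process working directory and looks like a local-development value; reading the directory from configuration at startup would avoid shipping it. setupServer starts and continues outside the visible hunks.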
46 changes: 42 additions & 4 deletions backend/internal/handlers/auth.go
@@ -14,7 +14,6 @@ import (
"gorm.io/gorm"
"log"
"net/http"
"net/url"
"time"
)

@@ -89,12 +88,12 @@ func (h *Handler) HandleLogin(w http.ResponseWriter, r *http.Request) {
Domain: domain, // Adjust to your domain
Path: "/",
})
siteURL := r.URL.Query().Get("redirect")
siteURL, err := h.getRedirectFromCookie(r, w)
if siteURL == "" {
http.Error(w, "Redirect URL missing", http.StatusBadRequest)
return
} else {
http.Redirect(w, r, url.QueryEscape(siteURL), http.StatusSeeOther)
http.Redirect(w, r, siteURL, http.StatusSeeOther)
}
// Here, you'd typically generate a JWT or session token and send it back to the client.
// For simplicity, we'll just send a success message.
@@ -157,7 +156,8 @@ func (h *Handler) HandleAuthenticate(w http.ResponseWriter, r *http.Request) {
userEmail, err := h.getUserEmailFromToken(r)
if err != nil {
// If the user cannot be read from the cookie, redirect to /login with the site URL as a parameter
http.Redirect(w, r, "/login?redirect="+url.QueryEscape(siteURL), http.StatusSeeOther)
h.setRedirectCookie(siteURL, r, w)
http.Redirect(w, r, "/", http.StatusSeeOther)
return
}

@@ -226,6 +226,44 @@ func (h *Handler) getUserEmailFromToken(r *http.Request) (string, error) {
return userEmail, nil
}

func (h *Handler) setRedirectCookie(redirectUrl string, r *http.Request, w http.ResponseWriter) error {
domain, err := extractMainDomain(r.URL.String())
if err != nil {
log.Println(err.Error())
}
log.Println(domain)
http.SetCookie(w, &http.Cookie{
Name: "auth-site",
Value: redirectUrl,
Expires: time.Now().Add(15 * time.Minute), // Shorter duration
HttpOnly: true,
Secure: true, // Set this to true if using HTTPS
SameSite: http.SameSiteNoneMode, // Set this to true if using HTTPS
Domain: domain, // Adjust to your domain
Path: "/",
})
return nil
}
func (h *Handler) getRedirectFromCookie(r *http.Request, w http.ResponseWriter) (string, error) {
cookie, err := r.Cookie("auth-site")
if err != nil {
if errors.Is(err, http.ErrNoCookie) {
// No cookie found
return "", nil
}
return "", err
}

// Clear the cookie once it's read
//http.SetCookie(w, &http.Cookie{
// Name: "auth-site",
// Value: "",
// Expires: time.Unix(0, 0),
// Path: "/",
//})

return cookie.Value, nil
}
func (h *Handler) getRedirectUrl(r *http.Request) (string, error) {
// Extract the redirect parameter from the request to get the site URL.
siteURL := r.Header.Get("X-Forwarded-Uri")
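Review bot: In HandleLogin the value of the `auth-site` cookie goes straight into `http.Redirect(w, r, siteURL, http.StatusSeeOther)`, and a cookie is client-supplied data, so the post-login redirect target is still unvalidated, as it was with the `redirect` query parameter. Check the target before redirecting, for example `if d, derr := extractMainDomain(siteURL); derr != nil || d != domain { http.Error(w, "Invalid redirect URL", http.StatusBadRequest); return }`, assuming `domain` in HandleLogin comes from the same helper (that part of the function is outside the hunk). The `err` returned by getRedirectFromCookie is also dropped, and setRedirectCookie logs a failed extractMainDomain but still sets the cookie and always returns nil, which HandleAuthenticate ignores. With the clearing block in getRedirectFromCookie commented out, the cookie stays valid for its 15 minutes, so a later login can be sent to a stale target.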
