Auth redirect URLs

dynastic · May 8, 2017 · da802cc · da802cc
1 parent bb29e9a
commit da802cc
Show file tree

Hide file tree

Showing 6 changed files with 36 additions and 60 deletions.
diff --git a/routes/public.js b/routes/public.js
@@ -126,11 +126,12 @@ function PublicRouter(app) {
     router.post('/signin', function(req, res, next) {
         if (req.user) return res.redirect("/");
         if (!req.body.username || !req.body.password) return responseFactory.sendRenderedResponse("public/signin", req, res, { error: { message: "A username and password are required." }, username: req.body.username });
+        var redirectURL = typeof req.query.redirectURL !== 'undefined' ? req.query.redirectURL : null;
         passport.authenticate('local', function(err, user, info) {
             if (!user) return responseFactory.sendRenderedResponse("public/signin", req, res, { error: info.error || { message: "An unknown error occurred." }, username: req.body.username });
             req.login(user, function(err) {
                 if (err) return responseFactory.sendRenderedResponse("public/signin", req, res, { error: { message: "An unknown error occurred." }, username: req.body.username });
-                return res.redirect("/?signedin=1");
+                return res.redirect(`/${redirectURL || ""}`);
             });
         })(req, res, next);
     });
@@ -140,28 +141,6 @@ function PublicRouter(app) {
         return responseFactory.sendRenderedResponse("public/signup", req, res, { captcha: app.enableCaptcha });
     });
 
-    router.get('/account', function(req, res) {
-        if (!req.user) return res.redirect("/signin");
-        res.redirect("/@" + req.user.name);
-    });
-
-    router.get('/user/:userID', function(req, res, next) {
-        User.findById(req.params.userID).then(user => {
-            res.redirect(`/@${user.name}`);
-        }).catch(err => next())
-    });
-
-    router.get('/@:username', function(req, res, next) {
-        User.findByUsername(req.params.username).then(user => {
-            if((user.banned || user.deactivated) && !(req.user.moderator || req.user.admin)) return next();
-            user.getLatestAvailablePixel().then(pixel => {
-                return responseFactory.sendRenderedResponse("public/account", req, res, { profileUser: user, pixel: pixel, isLatestPixel: pixel ? ~((pixel.lastModified - user.lastPlace) / 1000) <= 3 : false, hasNewPassword: req.query.hasNewPassword });
-            }).catch(err => {
-                return responseFactory.sendRenderedResponse("public/account", req, res, { profileUser: user, pixel: null, isLatestPixel: false, hasNewPassword: req.query.hasNewPassword });            
-            });
-        }).catch(err => next())
-    });
-
     router.post('/signup', signupRatelimit.prevent, function(req, res, next) {
         function renderResponse(errorMsg) {
             return responseFactory.sendRenderedResponse("public/signup", req, res, { captcha: app.enableCaptcha, error: { message: errorMsg || "An unknown error occurred" }, username: req.body.username });
@@ -171,10 +150,11 @@ function PublicRouter(app) {
                 if(!user) return renderResponse(error.message);
                 req.login(user, function(err) {
                     if (err) return renderResponse(null);
-                    return res.redirect("/?signedup=1");
+                    return res.redirect(`/${redirectURL || ""}`);
                 });
             });
         }
+        var redirectURL = typeof req.query.redirectURL !== 'undefined' ? req.query.redirectURL : null;
         if (req.user) return res.redirect("/");
         fs.exists(__dirname + "/../config/community_guidelines.md", exists => {
             if (!req.body.username || !req.body.password || !req.body.passwordverify) return renderResponse("Please fill out all the fields.")
@@ -189,6 +169,28 @@ function PublicRouter(app) {
         });
     });
 
+    router.get('/account', function(req, res) {
+        if (!req.user) return res.redirect("/signin");
+        res.redirect("/@" + req.user.name);
+    });
+
+    router.get('/user/:userID', function(req, res, next) {
+        User.findById(req.params.userID).then(user => {
+            res.redirect(`/@${user.name}`);
+        }).catch(err => next())
+    });
+
+    router.get('/@:username', function(req, res, next) {
+        User.findByUsername(req.params.username).then(user => {
+            if((user.banned || user.deactivated) && !(req.user.moderator || req.user.admin)) return next();
+            user.getLatestAvailablePixel().then(pixel => {
+                return responseFactory.sendRenderedResponse("public/account", req, res, { profileUser: user, pixel: pixel, isLatestPixel: pixel ? ~((pixel.lastModified - user.lastPlace) / 1000) <= 3 : false, hasNewPassword: req.query.hasNewPassword });
+            }).catch(err => {
+                return responseFactory.sendRenderedResponse("public/account", req, res, { profileUser: user, pixel: null, isLatestPixel: false, hasNewPassword: req.query.hasNewPassword });            
+            });
+        }).catch(err => next())
+    });
+
     if(typeof config.oauth !== 'undefined') {
         router.get('/auth/google', function(req, res, next) {
             passport.authenticate('google', { scope: ['https://www.googleapis.com/auth/plus.login'] }, function(err, user, info) {
@@ -268,7 +270,8 @@ function PublicRouter(app) {
 
     router.get('/signout', function(req, res) {
         req.logout();
-        res.redirect("/?signedout=1");
+        var redirectURL = typeof req.query.redirectURL !== 'undefined' ? req.query.redirectURL : null;
+        return res.redirect(`/${redirectURL || ""}`);
     });
 
 

diff --git a/util/HTTPServer.js b/util/HTTPServer.js
@@ -52,7 +52,7 @@ function HTTPServer(app) {
         function authUser(user) {
             if(user && user.loginError()) {
                 req.session.passport = null;
-                return res.redirect("/signin?loginerror=1&error=" + encodeURIComponent(user.loginError().message));
+                return res.redirect("/signin?loginerror=1&logintext=" + encodeURIComponent(user.loginError().message));
             }
             if(user) user.recordAccess(app, req.get("User-Agent"), req.get('X-Forwarded-For') || req.connection.remoteAddress, (typeof req.key !== 'undefined' ? req.key : null));
             req.user = user;

diff --git a/util/ResponseFactory.js b/util/ResponseFactory.js
@@ -4,7 +4,9 @@ const fs = require("fs");
 function ResponseFactory(app, root = "") {
     return {
         sendRenderedResponse: function(template, req, res, data, mimeType = "text/html") {
-            var sendData = { url: req.url, path: root + req.path, config: config, fs: fs, renderCaptcha: () => app.recaptcha.render() };
+            var path = root + req.path;
+            var redirectURLPart = req.path == "/signin" || req.path == "/signup" ? "" : encodeURIComponent(req.url.substr(1));
+            var sendData = { url: req.url, path: path, config: config, fs: fs, renderCaptcha: () => app.recaptcha.render(), redirectURLPart: redirectURLPart };
             if (typeof req.user !== undefined) sendData.user = req.user;
             if (typeof data !== 'undefined') {
                 if (data) sendData = Object.assign({}, sendData, data);

diff --git a/views/header.html b/views/header.html
@@ -87,12 +87,12 @@
                 <ul class="dropdown-menu">
                   <%- renderNavItem("Account details", "/account", "pencil-square-o"); %>
                   <li role="separator" class="divider"></li>
-                  <%- renderNavItem("Sign out", "/signout", "sign-out"); %>
+                  <%- renderNavItem("Sign out", `/signout?redirectURL=${redirectURLPart}`, "sign-out"); %>
                 </ul>
               </li>
             <% } else { %>
-              <%- renderNavItem("Sign in", "/signin", "sign-in"); %>
-              <%- renderNavItem("Sign up", "/signup", "user-plus"); %>
+              <%- renderNavItem("Sign in", `/signin?redirectURL=${redirectURLPart}`, "sign-in"); %>
+              <%- renderNavItem("Sign up", `/signup?redirectURL=${redirectURLPart}`, "user-plus"); %>
             <% } %>
           </ul>
         </div>

diff --git a/views/public/place.html b/views/public/place.html
diff --git a/views/public/views/place.html b/views/public/views/place.html
@@ -25,7 +25,7 @@
             <div class="ctn-row">
                 <div id="palette" class="content">
                     <div class="overlay" id="sign-in-reminder">
-                        <span><a href="/signin">Sign in</a> or <a href="/signup">sign up</a> to start placing!</span>
+                        <span><a href="/signin?redirectURL=<%= redirectURLPart %>">Sign in</a> or <a href="/signup?redirectURL=<%= redirectURLPart %>">sign up</a> to start placing!</span>
                     </div>
                     <div class="overlay" id="placing-modal">
                         <span>Placing…<span>