Merge pull request #4815 from node-red/update-cookie-auth

Allow auth cookie name to be customised
Nick O'Leary 2024-06-28 16:58:36 +01:00 committed by GitHub
commit c873b57094
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -182,6 +182,10 @@ function genericStrategy(adminApp,strategy) {
maxAge: null, maxAge: null,
...settings.httpAdminCookieOptions ...settings.httpAdminCookieOptions
} }
if (sessionOptions.cookie.name){
sessionOptions.name = sessionOptions.cookie.name
delete sessionOptions.cookie.name
}
} }
adminApp.use(session(sessionOptions)); adminApp.use(session(sessionOptions));
//TODO: all passport references ought to be in ./auth //TODO: all passport references ought to be in ./auth
@ -217,10 +221,10 @@ function genericStrategy(adminApp,strategy) {
adminApp.get('/auth/strategy', adminApp.get('/auth/strategy',
passport.authenticate(strategy.name, { passport.authenticate(strategy.name, {
session:false, session:false,
failureMessage: true, failWithError: true,
failureRedirect: settings.httpAdminRoot + '?session_message=Login Failed' failureMessage: true
}), }),
completeGenerateStrategyAuth, completeGenericStrategyAuth,
handleStrategyError handleStrategyError
); );
@ -232,14 +236,14 @@ function genericStrategy(adminApp,strategy) {
passport.authenticate(strategy.name, { passport.authenticate(strategy.name, {
session:false, session:false,
failureMessage: true, failureMessage: true,
failureRedirect: settings.httpAdminRoot + '?session_message=Login Failed' failWithError: true
}), }),
completeGenerateStrategyAuth, completeGenericStrategyAuth,
handleStrategyError handleStrategyError
); );
} }
function completeGenerateStrategyAuth(req,res) { function completeGenericStrategyAuth(req,res) {
var tokens = req.user.tokens; var tokens = req.user.tokens;
delete req.user.tokens; delete req.user.tokens;
// Successful authentication, redirect home. // Successful authentication, redirect home.
@ -249,6 +253,8 @@ function handleStrategyError(err, req, res, next) {
if (res.headersSent) { if (res.headersSent) {
return next(err) return next(err)
} }
// Remove the header that passport auto-adds as we don't need it
res.removeHeader('WWW-Authenticate')
log.audit({event: "auth.login.fail.oauth",error:err.toString()}); log.audit({event: "auth.login.fail.oauth",error:err.toString()});
res.redirect(settings.httpAdminRoot + '?session_message='+err.toString()); res.redirect(settings.httpAdminRoot + '?session_message='+err.toString());
} }
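Review bot: The redirect at the end of `handleStrategyError` puts `err.toString()` into the `session_message` query parameter without URL-encoding. With `failWithError: true` now set on both `passport.authenticate` calls, authentication failures appear to take this path instead of the removed fixed `'?session_message=Login Failed'` redirect. An error string containing `&`, `#` or `=` would then truncate the message or add extra parameters, so encode it: `res.redirect(settings.httpAdminRoot + '?session_message=' + encodeURIComponent(err.toString()));`. Strategy error text can carry provider-side detail, so consider sending the browser a fixed message and keeping the full error only in the `log.audit` entry; whether the editor escapes `session_message` before displaying it is not visible here. The start of `handleStrategyError` lies outside the hunk.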