This repository was archived by the owner on Aug 29, 2025. It is now read-only.
Merged
19 changes: 12 additions & 7 deletions backend/plugins/authorization.js
Expand Up @@ -44,27 +44,32 @@ export function PlotlyOAuth(electron) {
return next();
}

// Auth is disabled for certain urls:
if (ESCAPED_ROUTES.some(path.match.bind(path))) {
// No Auth for electron apps:
if (electron) {
return next();
}

// No Auth for electron apps:
if (electron) {
// If not logged in and on-promise private-mode, redirect to login page
const plotlyAuthToken = req.cookies['plotly-auth-token'];
const onprem = getSetting('IS_RUNNING_INSIDE_ON_PREM');
if (path === '/' && !plotlyAuthToken && onprem) {
Contributor

This will also redirect to login when "private mode" is not enabled which we do not want.

We should be checking for the "AUTH_ENABLED" setting for the redirects.

Contributor Author

GitHub doesn't show it in the diff, but see that we have checked AUTH_ENABLED in the lines above.

Contributor

Ok, thanks for the info.

We should still redirect to /external-data-connector/login instead of just /login.

return res.redirect('/external-data-connector/login', next);
}

// Auth is disabled for certain urls:
if (ESCAPED_ROUTES.some(path.match.bind(path))) {
return next();
}

if (accessTokenIsValid(req.cookies['db-connector-auth-token'])) {
return next();
}

if (!req.cookies['plotly-auth-token']) {
if (!plotlyAuthToken) {
res.json(401, {error: {message: 'Please login to access this page.'}});
return next(false);
}

const plotlyAuthToken = req.cookies['plotly-auth-token'];

fetch(`${getSetting('PLOTLY_API_URL')}/v2/users/current`, {
headers: {'Authorization': `Bearer ${plotlyAuthToken}`}
})
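
Review bot: the new redirect test `if (path === '/' && !plotlyAuthToken && onprem)` sits above the `accessTokenIsValid(req.cookies['db-connector-auth-token'])` check, so a request to `/` that carries a valid `db-connector-auth-token` but no `plotly-auth-token` cookie is sent to the login page instead of being passed through by the check below it. Either move the redirect block under the `db-connector-auth-token` check or add `!accessTokenIsValid(req.cookies['db-connector-auth-token'])` to the condition. The redirect is also decided on the mere presence of the `plotly-auth-token` cookie: any non-empty value, including a stale one, skips the redirect before the token is verified against `/v2/users/current`, so it is worth confirming that the later failure path gives such a user a way back to the login page. Minor: the comment reads "on-promise" where "on-premise" is meant.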