fix: back link on password page needs to be explicit.
The back link on the password page was using Javascript to tell the browser to navigate back, which won't work if the user has entered a set of incorrect log-in details. Fix this by using an explicit URL instead. Fixes #1851 Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
parent
cdbb5dd94d
commit
0284a4c3c9
@ -232,7 +232,16 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
scopes := parseScopes(authReq.Scopes)
|
scopes := parseScopes(authReq.Scopes)
|
||||||
showBacklink := len(s.connectors) > 1
|
|
||||||
|
// Work out where the "Select another login method" link should go.
|
||||||
|
backLink := ""
|
||||||
|
if len(s.connectors) > 1 {
|
||||||
|
backLinkURL := url.URL{
|
||||||
|
Path: s.absPath("/auth"),
|
||||||
|
RawQuery: r.Form.Encode(),
|
||||||
|
}
|
||||||
|
backLink = backLinkURL.String()
|
||||||
|
}
|
||||||
|
|
||||||
switch r.Method {
|
switch r.Method {
|
||||||
case http.MethodGet:
|
case http.MethodGet:
|
||||||
@ -249,7 +258,7 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
http.Redirect(w, r, callbackURL, http.StatusFound)
|
http.Redirect(w, r, callbackURL, http.StatusFound)
|
||||||
case connector.PasswordConnector:
|
case connector.PasswordConnector:
|
||||||
if err := s.templates.password(r, w, r.URL.String(), "", usernamePrompt(conn), false, showBacklink); err != nil {
|
if err := s.templates.password(r, w, r.URL.String(), "", usernamePrompt(conn), false, backLink); err != nil {
|
||||||
s.logger.Errorf("Server template error: %v", err)
|
s.logger.Errorf("Server template error: %v", err)
|
||||||
}
|
}
|
||||||
case connector.SAMLConnector:
|
case connector.SAMLConnector:
|
||||||
@ -297,7 +306,7 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !ok {
|
if !ok {
|
||||||
if err := s.templates.password(r, w, r.URL.String(), username, usernamePrompt(passwordConnector), true, showBacklink); err != nil {
|
if err := s.templates.password(r, w, r.URL.String(), username, usernamePrompt(passwordConnector), true, backLink); err != nil {
|
||||||
s.logger.Errorf("Server template error: %v", err)
|
s.logger.Errorf("Server template error: %v", err)
|
||||||
}
|
}
|
||||||
return
|
return
|
||||||
|
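Review bot: `RawQuery: r.Form.Encode()` in the back-link block copies every parsed form value into the link, and in net/http `r.Form` merges the URL query with the POST body once the form has been parsed. The block runs before `switch r.Method`, so on the failed-login re-render (the `!ok` branch in the later hunk) the submitted username and password fields would presumably end up in the href, and from there in browser history, access logs and Referer headers if the link is followed. The call that parses the form is outside these hunks, so this needs confirming against the full function. Since the page already posts back to `r.URL.String()`, building the query from the URL alone avoids the problem: `RawQuery: r.URL.RawQuery,` (or an explicit allow-list of the authorization parameters). A test that posts bad credentials and asserts the rendered link contains no credential fields would pin this down.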
@ -266,15 +266,15 @@ func (t *templates) login(r *http.Request, w http.ResponseWriter, connectors []c
|
|||||||
return renderTemplate(w, t.loginTmpl, data)
|
return renderTemplate(w, t.loginTmpl, data)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (t *templates) password(r *http.Request, w http.ResponseWriter, postURL, lastUsername, usernamePrompt string, lastWasInvalid, showBacklink bool) error {
|
func (t *templates) password(r *http.Request, w http.ResponseWriter, postURL, lastUsername, usernamePrompt string, lastWasInvalid bool, backLink string) error {
|
||||||
data := struct {
|
data := struct {
|
||||||
PostURL string
|
PostURL string
|
||||||
BackLink bool
|
BackLink string
|
||||||
Username string
|
Username string
|
||||||
UsernamePrompt string
|
UsernamePrompt string
|
||||||
Invalid bool
|
Invalid bool
|
||||||
ReqPath string
|
ReqPath string
|
||||||
}{postURL, showBacklink, lastUsername, usernamePrompt, lastWasInvalid, r.URL.Path}
|
}{postURL, backLink, lastUsername, usernamePrompt, lastWasInvalid, r.URL.Path}
|
||||||
return renderTemplate(w, t.passwordTmpl, data)
|
return renderTemplate(w, t.passwordTmpl, data)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
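Review bot: The new `backLink string` parameter of `password` has no documented contract, and the anonymous struct literal is positional, so the meaning of an empty string is only discoverable by reading the template. A doc comment such as `// password renders the password form; backLink is the href of the "Select another login method" link, which is omitted when backLink is empty.` would make that explicit. It is also worth stating there that callers must pass a server-built, same-origin path rather than a value taken straight from the request, because it is emitted into an `href`.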
@ -27,7 +27,7 @@
|
|||||||
</form>
|
</form>
|
||||||
{{ if .BackLink }}
|
{{ if .BackLink }}
|
||||||
<div class="theme-link-back">
|
<div class="theme-link-back">
|
||||||
<a class="dex-subtle-text" href="javascript:history.back()">Select another login method.</a>
|
<a class="dex-subtle-text" href="{{ .BackLink }}">Select another login method.</a>
|
||||||
</div>
|
</div>
|
||||||
{{ end }}
|
{{ end }}
|
||||||
</div>
|
</div>
|
||||||
|
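Review bot: `href="{{ .BackLink }}"` now carries a value assembled from request parameters, so it relies on the template engine's contextual escaping to keep the value inside the attribute and restricted to a safe URL scheme. The template package in use is not visible on this page; if these files are parsed with `html/template` that is handled, whereas `text/template` would emit the query string unescaped. A template comment next to the markup, `{{/* BackLink is a server-generated relative URL; empty hides the link */}}`, would record the assumption where the next editor will see it.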