From c56024f4a11f1c7471325f0a63c3b6ace68216a2 Mon Sep 17 00:00:00 2001
From: Jaren Brownlee
Date: Mon, 23 Jan 2023 15:16:53 -0700
Subject: [PATCH] fixed it (#201)
---
 src/http_server/authentication/local.ts | 2 +-
 src/http_server/middleware.ts | 4 ++--
 src/http_server/routes/access_management/oauth_routes.ts | 7 ++++---
 3 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/src/http_server/authentication/local.ts b/src/http_server/authentication/local.ts
index e39a3be78..c939eabd4 100644
--- a/src/http_server/authentication/local.ts
+++ b/src/http_server/authentication/local.ts
@@ -46,7 +46,7 @@ export function LocalAuthMiddleware(req: express.Request, resp: express.Response
 return;
 }
- passport.authenticate('local', (err, user, info) => {
+ passport.authenticate('local', {keepSessionInfo: true}, (err, user, info) => {
 if (err) {
 return resp.redirect(buildUrl('/oauth', {queryParams: {error: `${err}`}}));
 }
diff --git a/src/http_server/middleware.ts b/src/http_server/middleware.ts
index 77f189d5a..4a6f68eef 100644
--- a/src/http_server/middleware.ts
+++ b/src/http_server/middleware.ts
@@ -101,11 +101,11 @@ export function authenticateRoute(): any {
 // basic assumes we are sending the username/password each request. In this
 // case we don't rely on the session for any login/user information
 case 'basic': {
- return passport.authenticate('basic', {session: true});
+ return passport.authenticate('basic', {session: true, keepSessionInfo: true});
 }
 case 'token': {
- return passport.authenticate('jwt', {session: false});
+ return passport.authenticate('jwt', {session: false, keepSessionInfo: true});
 }
 default: {
diff --git a/src/http_server/routes/access_management/oauth_routes.ts b/src/http_server/routes/access_management/oauth_routes.ts
index f1c4afc8a..68471870a 100644
--- a/src/http_server/routes/access_management/oauth_routes.ts
+++ b/src/http_server/routes/access_management/oauth_routes.ts
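Review bot: `{keepSessionInfo: true}` on the `passport.authenticate('local', …)` call in src/http_server/authentication/local.ts copies everything held in the pre-login session into the session created at login, and neither the code nor the commit message says which keys are actually needed. Passport regenerates the session on login to blunt session fixation; the id still rotates with this option, but any value placed in the anonymous session before authentication survives into the authenticated one. The same option is added to the three `passport.authenticate('saml', …)` calls in oauth_routes.ts, where this commit also removes the `req.logout` from `loginPage`, so data left by a previous user of the browser could be carried into the next login. If only one value has to survive, save it before the call and restore it in the callback instead; at minimum add a comment such as `// keepSessionInfo: <keys needed after login> must survive session regeneration; everything else in the pre-login session is carried over too`. LocalAuthMiddleware starts and ends outside the hunk.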
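Review bot: In src/http_server/middleware.ts the `'token'` case now passes `{session: false, keepSessionInfo: true}`, but with `session: false` Passport does not establish a login session, so the added option appears to have no effect there and makes the line read as if token requests touched session state; `passport.authenticate('jwt', {session: false})` says what actually happens. For `'basic'` the comment above the case states that the session is not relied on, yet the call passes `session: true`, and with `keepSessionInfo: true` each request authenticated this way would, as far as the visible options show, carry the previous session contents forward. Either switch basic to `session: false` or correct the comment to say why a session is kept. authenticateRoute continues outside the hunk.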
@@ -323,7 +323,6 @@ export default class OAuthRoutes {
 }
 private static loginPage(req: Request, res: Response, next: NextFunction) {
- req.logout((err: any) => {}); // in case a previous user logged into a session
 const oauthRequest = oauthRepo.authorizationFromRequest(req);
 return res.render('login', {
@@ -360,18 +359,20 @@ export default class OAuthRoutes {
 passport.authenticate('saml', {
 failureRedirect: '/unauthorized',
 failureFlash: true,
+ keepSessionInfo: true,
 })(req, res);
 });
 } else {
 passport.authenticate('saml', {
 failureRedirect: '/unauthorized',
 failureFlash: true,
+ keepSessionInfo: true,
 })(req, res);
 }
 }
 private static saml(req: Request, res: Response, next: NextFunction) {
- passport.authenticate('saml', (err, user, info) => {
+ passport.authenticate('saml', {keepSessionInfo: true}, (err, user, info) => {
 if (err) {
 res.redirect(buildUrl('/oauth', {queryParams: {error: `${err}`}}));
 return;
@@ -402,7 +403,7 @@ export default class OAuthRoutes {
 }
 private static logout(req: Request, res: Response, next: NextFunction) {
- req.logout((err: any) => {});
+ req.logout({keepSessionInfo: true}, (err: any) => {});
 if (req.query.redirect_uri) {
 return res.redirect(req.query.redirect_uri as string);
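Review bot: `req.logout({keepSessionInfo: true}, (err: any) => {})` in `OAuthRoutes.logout` leaves the session contents in place after the user is logged out, so whatever the application stored in the session for that user stays available to whoever uses the browser next; logout is the one place where the default of dropping session data is normally wanted. The empty callback also discards any error, and the redirect below runs without waiting for it, so a failed logout would still look successful to the client. I would drop the option unless a specific key must survive, and move the response into the callback: `req.logout((err) => { if (err) return next(err); /* redirect here */ });`. The `redirect_uri` in the context line is taken from the query string and cast with `as string`; if it is not checked against the registered client elsewhere, that check belongs here too. The method body continues past the end of the hunk.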