0ct0pu5/photoprism
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Oidc: Improve automatic OIDC login #782

Browse source
This commit is contained in:
Timo Volkmann 2021-11-03 18:14:33 +01:00
parent 2dce7c37e5
commit 16eb023d89
3 changed files with 33 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
assets/templates/callback.tmpl
View file

@ -47,10 +47,10 @@
window.localStorage.setItem("session_id", {{ .id }})
window.localStorage.setItem("data", JSON.stringify({{ .data }}));
window.localStorage.setItem("config", JSON.stringify({{ .config }}));
window.location.href = '/login'
{{ else if and .status (eq .status "error") }}
window.localStorage.setItem("auth_error", {{ .errors }});
{{ else }}
window.localStorage.setItem("link_user", JSON.stringify({{ .linkUser }}));
window.location.href = '/login?preventAutoLogin=true'
{{ end }}
</script>
</body>

35
frontend/src/pages/login.vue
View file

@ -71,6 +71,7 @@
<script>
import Notify from "../common/notify";
import axios from "axios";
export default {
name: 'Login',
@ -87,14 +88,28 @@ export default {
rtl: this.$rtl,
};
},
mounted() {
if (this.authProvider) {
const preventAutoLogin = sessionStorage.getItem("preventAutoLogin");
sessionStorage.removeItem("preventAutoLogin");
if (!preventAutoLogin && !(this.$route.query.preventAutoLogin)) {
this.loginExternal();
}
created() {
const c = window.__CONFIG__;
const preventAutoLogin = sessionStorage.getItem("preventAutoLogin");
sessionStorage.removeItem("preventAutoLogin");
if (!c.oidc || this.$route.query.preventAutoLogin || preventAutoLogin) {
return;
}
const cleanup = () => {
window.localStorage.removeItem('config');
window.localStorage.removeItem('auth_error');
};
const redirect = () => {
// check if oidc provider is available
axios.get(c.oidc,{ timeout: 1000}).then(response => {
// redirect to oidc provider
window.location.href = '/api/v1/auth/external';
}).catch(error => {
if (c.debug) console.log(error);
});
};
const externalLogin = this.onExternalLogin(cleanup, redirect);
externalLogin();
},
methods: {
login() {
@ -120,7 +135,10 @@ export default {
popup.close();
};
window.onstorage = () => {
window.onstorage = this.onExternalLogin(cleanup);
},
onExternalLogin(cleanup, redirect) {
return () => {
const sid = window.localStorage.getItem('session_id');
const data = window.localStorage.getItem('data');
const config = window.localStorage.getItem('config');
@ -133,6 +151,7 @@ export default {
return;
}
if (sid === null || data === null || config === null) {
if (typeof redirect === 'function') redirect();
return;
}
this.$session.setId(sid);

8
internal/config/client.go
View file

@ -62,7 +62,7 @@ type ClientConfig struct {
Categories CategoryLabels `json:"categories"`
Clip int `json:"clip"`
Server RuntimeInfo `json:"server"`
Oidc bool `json:"oidc"`
Oidc string `json:"oidc,omitempty"`
Acl acl.ACL `json:"acl"`
}
@ -218,7 +218,7 @@ func (c *Config) PublicConfig() ClientConfig {
Clip: txt.ClipDefault,
PreviewToken: "public",
DownloadToken: "public",
Oidc: c.OidcIssuerUrl() != nil && c.OidcClientId() != "" && c.OidcClientSecret() != "",
Oidc: c.OidcIssuerUrl().String(),
Acl: acl.Permissions,
}
@ -284,7 +284,7 @@ func (c *Config) GuestConfig() ClientConfig {
CSSHash: fs.Checksum(c.BuildPath() + "/share.css"),
ManifestHash: fs.Checksum(c.TemplatesPath() + "/manifest.json"),
Clip: txt.ClipDefault,
Oidc: c.OidcIssuerUrl() != nil && c.OidcClientId() != "" && c.OidcClientSecret() != "",
Oidc: c.OidcIssuerUrl().String(),
Acl: acl.Permissions,
}
@ -344,7 +344,7 @@ func (c *Config) UserConfig() ClientConfig {
ManifestHash: fs.Checksum(c.TemplatesPath() + "/manifest.json"),
Clip: txt.ClipDefault,
Server: NewRuntimeInfo(),
Oidc: c.OidcIssuerUrl() != nil && c.OidcClientId() != "" && c.OidcClientSecret() != "",
Oidc: c.OidcIssuerUrl().String(),
Acl: acl.Permissions,
}