Handle redirection after registration either with U2F or TOTP

Clement Michaud 2017-03-15 23:47:59 +01:00
parent 606ddc7308
commit 0eb5379a45
5 changed files with 38 additions and 4 deletions


@ -109,8 +109,12 @@ function identity_check_post(endpoint, icheck_interface) {
throw new exceptions.AccessDeniedError(); throw new exceptions.AccessDeniedError();
}) })
.then(function(token) { .then(function(token) {
var redirect_url = objectPath.get(req, 'body.redirect');
var original_url = util.format('https://%s%s', req.headers.host, req.headers['x-original-uri']); var original_url = util.format('https://%s%s', req.headers.host, req.headers['x-original-uri']);
var link_url = util.format('%s?identity_token=%s', original_url, token); var link_url = util.format('%s?identity_token=%s', original_url, token);
if(redirect_url) {
link_url = util.format('%s&redirect=%s', link_url, redirect_url);
}
logger.info('POST identity_check: notify to %s', identity.userid); logger.info('POST identity_check: notify to %s', identity.userid);
return notifier.notify(identity, icheck_interface.email_subject, link_url); return notifier.notify(identity, icheck_interface.email_subject, link_url);
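Review bot: `redirect_url` is read from `req.body.redirect` and formatted straight into `link_url` with no validation or escaping, so whatever the client posts ends up in the link that is e-mailed to the user. A value containing `&` or `#` changes the structure of the query string, and because the registration pages later navigate to this parameter, an arbitrary destination can ride along in an otherwise legitimate e-mail. I would check the value on the server against the hosts this deployment protects before appending it, and drop it with a log line when the check fails; that allow-list is not visible in this hunk. The value appears to arrive exactly as the client copied it from `location.search`, so confirm whether it is still percent-encoded before adding `encodeURIComponent`, to avoid double encoding. The `.then` callback continues past the end of the hunk.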


@ -3,6 +3,11 @@
params={}; params={};
location.search.replace(/[?&]+([^=&]+)=([^&]*)/gi,function(s,k,v){params[k]=v}); location.search.replace(/[?&]+([^=&]+)=([^&]*)/gi,function(s,k,v){params[k]=v});
function get_redirect_param() {
if('redirect' in params)
return params['redirect'];
return;
}
function setupEnterKeypressListener(filter, fn) { function setupEnterKeypressListener(filter, fn) {
$(filter).on('keydown', 'input', function (e) { $(filter).on('keydown', 'input', function (e) {
@ -49,7 +54,12 @@ function onTotpSignButtonClicked() {
function onTotpRegisterButtonClicked() { function onTotpRegisterButtonClicked() {
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
url: '/authentication/totp-register' url: '/authentication/totp-register',
data: JSON.stringify({
redirect: get_redirect_param()
}),
contentType: 'application/json',
dataType: 'json',
}) })
.done(function(data) { .done(function(data) {
$.notify('An email has been sent to your email address', 'info'); $.notify('An email has been sent to your email address', 'info');
@ -82,7 +92,12 @@ function onU2fRegistrationButtonClicked() {
function askForU2fRegistration(fn) { function askForU2fRegistration(fn) {
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
url: '/authentication/u2f-register' url: '/authentication/u2f-register',
data: JSON.stringify({
redirect: get_redirect_param()
}),
contentType: 'application/json',
dataType: 'json',
}) })
.done(function(data) { .done(function(data) {
fn(undefined, data); fn(undefined, data);
@ -158,6 +173,7 @@ function validateFirstFactor(username, password, fn) {
}); });
} }
function redirect() { function redirect() {
var redirect_uri = '/'; var redirect_uri = '/';
if('redirect' in params) { if('redirect' in params) {
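Review bot: Adding `dataType: 'json'` to the `/authentication/totp-register` request makes jQuery parse the response as JSON, so a 200 reply with an empty or non-JSON body would be routed to the failure handler instead of `.done`. The server handler's response is not visible in this diff, so please confirm that it returns a JSON body (or a 204); if it does not, drop the option and keep only `contentType: 'application/json'`, which is what the server needs to read `body.redirect`. The same applies to the `/authentication/u2f-register` call in `askForU2fRegistration`. Note also that `get_redirect_param()` forwards the raw query value, so the server has to treat `redirect` as untrusted input. Both functions continue outside their hunks.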


@ -1,5 +1,8 @@
(function() { (function() {
params={};
location.search.replace(/[?&]+([^=&]+)=([^&]*)/gi,function(s,k,v){params[k]=v});
function generateSecret(fn) { function generateSecret(fn) {
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
@ -22,7 +25,18 @@ function onSecretGenerated(err, secret) {
$("#secret").text(secret.base32); $("#secret").text(secret.base32);
} }
function redirect() {
var redirect_uri = '/authentication/login';
if('redirect' in params) {
redirect_uri = params['redirect'];
}
window.location.replace(redirect_uri);
}
$(document).ready(function() { $(document).ready(function() {
generateSecret(onSecretGenerated); generateSecret(onSecretGenerated);
$('#login-button').on('click', function() {
redirect();
});
}); });
})(); })();
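Review bot: The new `redirect()` hands `params['redirect']` to `window.location.replace` unchecked, and that value comes directly from the page's query string rather than from the server. Any scheme or host is accepted, including non-HTTP schemes such as `javascript:`, so the Login link on the registration page becomes an open-redirect sink. Accept the value only when it is a site-relative path or an `https:` URL whose host belongs to the protected domain, and fall back to `/authentication/login` otherwise; at minimum `if (/^https:\/\//i.test(params['redirect'])) redirect_uri = params['redirect'];` combined with a host check. The same assignment appears in the `redirect()` of the U2F registration script, whose default this commit also changes. Separately, `params={};` has no `var`, so it creates a global despite the surrounding IIFE; `var params = {};` keeps it local.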


@ -39,7 +39,7 @@ function startRegister(fn, timeout) {
} }
function redirect() { function redirect() {
var redirect_uri = '/'; var redirect_uri = '/authentication/login';
if('redirect' in params) { if('redirect' in params) {
redirect_uri = params['redirect']; redirect_uri = params['redirect'];
} }


@ -9,7 +9,7 @@
<p>Insert your secret in Google Authenticator</p> <p>Insert your secret in Google Authenticator</p>
<p id="secret"></p> <p id="secret"></p>
<div id="qrcode"></div> <div id="qrcode"></div>
<p><a href="/authentication/login">Login</a></p> <p><a href="#" id="login-button">Login</a></p>
</div> </div>
</body> </body>