Handle redirection after registration either with U2F or TOTP

This commit is contained in:
Clement Michaud 2017-03-15 23:47:59 +01:00
parent 606ddc7308
commit 0eb5379a45
5 changed files with 38 additions and 4 deletions

View File

@ -109,8 +109,12 @@ function identity_check_post(endpoint, icheck_interface) {
throw new exceptions.AccessDeniedError();
})
.then(function(token) {
var redirect_url = objectPath.get(req, 'body.redirect');
var original_url = util.format('https://%s%s', req.headers.host, req.headers['x-original-uri']);
var link_url = util.format('%s?identity_token=%s', original_url, token);
if(redirect_url) {
link_url = util.format('%s&redirect=%s', link_url, redirect_url);
}
logger.info('POST identity_check: notify to %s', identity.userid);
return notifier.notify(identity, icheck_interface.email_subject, link_url);

View File

@ -3,6 +3,11 @@
params={};
location.search.replace(/[?&]+([^=&]+)=([^&]*)/gi,function(s,k,v){params[k]=v});
function get_redirect_param() {
if('redirect' in params)
return params['redirect'];
return;
}
function setupEnterKeypressListener(filter, fn) {
$(filter).on('keydown', 'input', function (e) {
@ -49,7 +54,12 @@ function onTotpSignButtonClicked() {
function onTotpRegisterButtonClicked() {
$.ajax({
type: 'POST',
url: '/authentication/totp-register'
url: '/authentication/totp-register',
data: JSON.stringify({
redirect: get_redirect_param()
}),
contentType: 'application/json',
dataType: 'json',
})
.done(function(data) {
$.notify('An email has been sent to your email address', 'info');
@ -82,7 +92,12 @@ function onU2fRegistrationButtonClicked() {
function askForU2fRegistration(fn) {
$.ajax({
type: 'POST',
url: '/authentication/u2f-register'
url: '/authentication/u2f-register',
data: JSON.stringify({
redirect: get_redirect_param()
}),
contentType: 'application/json',
dataType: 'json',
})
.done(function(data) {
fn(undefined, data);
@ -158,6 +173,7 @@ function validateFirstFactor(username, password, fn) {
});
}
function redirect() {
var redirect_uri = '/';
if('redirect' in params) {

View File

@ -1,5 +1,8 @@
(function() {
params={};
location.search.replace(/[?&]+([^=&]+)=([^&]*)/gi,function(s,k,v){params[k]=v});
function generateSecret(fn) {
$.ajax({
type: 'POST',
@ -22,7 +25,18 @@ function onSecretGenerated(err, secret) {
$("#secret").text(secret.base32);
}
function redirect() {
var redirect_uri = '/authentication/login';
if('redirect' in params) {
redirect_uri = params['redirect'];
}
window.location.replace(redirect_uri);
}
$(document).ready(function() {
generateSecret(onSecretGenerated);
$('#login-button').on('click', function() {
redirect();
});
});
})();

View File

@ -39,7 +39,7 @@ function startRegister(fn, timeout) {
}
function redirect() {
var redirect_uri = '/';
var redirect_uri = '/authentication/login';
if('redirect' in params) {
redirect_uri = params['redirect'];
}

View File

@ -9,7 +9,7 @@
<p>Insert your secret in Google Authenticator</p>
<p id="secret"></p>
<div id="qrcode"></div>
<p><a href="/authentication/login">Login</a></p>
<p><a href="#" id="login-button">Login</a></p>
</div>
</body>