|
@@ -68,18 +68,21 @@ func NewSSOHandler(config *SSOConfig) (*SSOHandler, error) {
|
|
|
// return false if the request is not authorized and shall not be proceed
|
|
// return false if the request is not authorized and shall not be proceed
|
|
|
// Note that only accounts that have SSO enabled will be handled by this handler
|
|
// Note that only accounts that have SSO enabled will be handled by this handler
|
|
|
func (h *SSOHandler) ServeForwardAuth(w http.ResponseWriter, r *http.Request) bool {
|
|
func (h *SSOHandler) ServeForwardAuth(w http.ResponseWriter, r *http.Request) bool {
|
|
|
|
|
+ //Get the current uri for appending to the auth subdomain
|
|
|
|
|
+ originalRequestURL := r.RequestURI
|
|
|
|
|
+
|
|
|
//Check if the user have the cookie "Zoraxy-SSO" set
|
|
//Check if the user have the cookie "Zoraxy-SSO" set
|
|
|
session, err := h.cookieStore.Get(r, "Zoraxy-SSO")
|
|
session, err := h.cookieStore.Get(r, "Zoraxy-SSO")
|
|
|
if err != nil {
|
|
if err != nil {
|
|
|
//Redirect to auth subdomain
|
|
//Redirect to auth subdomain
|
|
|
- http.Redirect(w, r, h.Config.AuthURL, http.StatusFound)
|
|
|
|
|
|
|
+ http.Redirect(w, r, h.Config.AuthURL+"?m=new&t="+originalRequestURL, http.StatusFound)
|
|
|
return false
|
|
return false
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
//Check if the user is logged in
|
|
//Check if the user is logged in
|
|
|
if session.Values["username"] != true {
|
|
if session.Values["username"] != true {
|
|
|
//Redirect to auth subdomain
|
|
//Redirect to auth subdomain
|
|
|
- http.Redirect(w, r, h.Config.AuthURL, http.StatusFound)
|
|
|
|
|
|
|
+ http.Redirect(w, r, h.Config.AuthURL+"?m=expired&t="+originalRequestURL, http.StatusFound)
|
|
|
return false
|
|
return false
|
|
|
}
|
|
}
|
|
|
|
|
|
Toby Chui