diff --git a/backend/pkg/auth/middleware.go b/backend/pkg/auth/middleware.go index bdf9707..11163a0 100644 --- a/backend/pkg/auth/middleware.go +++ b/backend/pkg/auth/middleware.go @@ -21,56 +21,58 @@ func Provider(provider string) gin.HandlerFunc { } } -func Valid(ctx *gin.Context) { - providerName, err := gothic.GetProviderName(ctx.Request) - if err != nil { - zap.L().Error("failed to get provider name", zap.Error(err)) - ctx.AbortWithError(http.StatusPreconditionFailed, errors.New("provider name not avaialable in request")) - return - } +func Valid(basePath string) gin.HandlerFunc { + return func(ctx *gin.Context) { + providerName, err := gothic.GetProviderName(ctx.Request) + if err != nil { + zap.L().Error("failed to get provider name", zap.Error(err)) + ctx.AbortWithError(http.StatusPreconditionFailed, errors.New("provider name not avaialable in request")) + return + } - provider, err := goth.GetProvider(providerName) - if err != nil { - zap.L().Error("failed to get requested provider", zap.Error(err)) - ctx.AbortWithError(http.StatusPreconditionFailed, errors.New("provider not available")) - return - } + provider, err := goth.GetProvider(providerName) + if err != nil { + zap.L().Error("failed to get requested provider", zap.Error(err)) + ctx.AbortWithError(http.StatusPreconditionFailed, errors.New("provider not available")) + return + } - profile := ProfileFrom(ctx) - if profile == nil { - zap.L().Error("profile not found", zap.Error(err)) + profile := ProfileFrom(ctx) + if profile == nil { + zap.L().Error("profile not found", zap.Error(err)) - logout(ctx) - ctx.Redirect(http.StatusTemporaryRedirect, "/login") - return - } + logout(ctx) + ctx.Redirect(http.StatusTemporaryRedirect, basePath+"login") + return + } - session := sessions.Default(ctx) + session := sessions.Default(ctx) - sess := ProviderSession(providerName, profile) - if sess == nil { - zap.L().Error("could not create session from profile", zap.Error(err)) + sess := ProviderSession(providerName, profile) + if sess == nil { + zap.L().Error("could not create session from profile", zap.Error(err)) - logout(ctx) - ctx.Redirect(http.StatusTemporaryRedirect, "/login") - return - } + logout(ctx) + ctx.Redirect(http.StatusTemporaryRedirect, basePath+"login") + return + } - user, err := provider.FetchUser(sess) - if err != nil { - zap.L().Error("failed to validate session", zap.Error(err)) + user, err := provider.FetchUser(sess) + if err != nil { + zap.L().Error("failed to validate session", zap.Error(err)) - logout(ctx) - ctx.Redirect(http.StatusTemporaryRedirect, "/login") - return - } + logout(ctx) + ctx.Redirect(http.StatusTemporaryRedirect, basePath+"login") + return + } - session.Set("profile", NewProfile(user)) - if err := session.Save(); err != nil { - zap.L().Error("failed to save profile session", zap.Error(err)) - } + session.Set("profile", NewProfile(user)) + if err := session.Save(); err != nil { + zap.L().Error("failed to save profile session", zap.Error(err)) + } - ctx.Next() + ctx.Next() + } } func Auth(basePath string) gin.HandlerFunc { diff --git a/backend/pkg/config/config.go b/backend/pkg/config/config.go index 880b6ef..6e293c7 100644 --- a/backend/pkg/config/config.go +++ b/backend/pkg/config/config.go @@ -229,3 +229,11 @@ type Config struct { func (c *Config) AuthEnabled() bool { return c.OAuth.Enabled || c.OpenIDConnect.Enabled } + +func (c *Config) AuthBasePath() string { + if c.OAuth.Enabled { + return c.OAuth.BasePath() + } + + return c.OpenIDConnect.BasePath() +} diff --git a/backend/pkg/config/resolver.go b/backend/pkg/config/resolver.go index ebb9e9a..8c76771 100644 --- a/backend/pkg/config/resolver.go +++ b/backend/pkg/config/resolver.go @@ -368,7 +368,7 @@ func (r *Resolver) Server(ctx context.Context) (*server.Server, error) { if !r.config.UI.Disabled { var uiMiddleware []gin.HandlerFunc if r.config.AuthEnabled() { - uiMiddleware = append(uiMiddleware, auth.Valid) + uiMiddleware = append(uiMiddleware, auth.Valid(r.config.AuthBasePath())) } zap.L().Info("register UI", zap.String("path", r.config.UI.Path)) diff --git a/frontend/modules/core/components/UserMenu.vue b/frontend/modules/core/components/UserMenu.vue index f01d6f3..bcbae2e 100644 --- a/frontend/modules/core/components/UserMenu.vue +++ b/frontend/modules/core/components/UserMenu.vue @@ -16,7 +16,7 @@ const logout = () => { document.cookie.split(";").forEach((c) => { document.cookie = c.replace(/^ +/, "").replace(/=.*/, "=;expires=" + new Date().toUTCString() + ";path=/"); }); // @ts-ignore - window.location = '/logout' + window.location = `${window.location.pathname || '/'}logout` } const { data: profile } = useAPI(api => api.profile())