diff --git a/config/default.json b/config/default.json index cd012ee147ca9726b86ab669c2270ca95a6fac18..768e5a24f46fc16901a66a7799a766f3ec33950b 100644 --- a/config/default.json +++ b/config/default.json @@ -4,7 +4,7 @@ "host": "::", "port": 9666, - "endpoint": "http://localhost:9666", + "endpoint": "http://localhost/spacedeck/", "invite_code": "top-sekrit", "storage_region": "eu-central-1", @@ -32,6 +32,7 @@ "mail_smtp_pass": "your.secret.smtp.password", "path" : "http://localhost:9666/saml/SSO", - "entryPoint" : "https://m4lab.hft-stuttgart.de/idp/saml2/idp/SSOService.php", - "issuer" : "spacedeck.m4lab.hft-stuttgart.de" + "entryPoint" : "https://transfer.hft-stuttgart.de/idp2/saml2/idp/SSOService.php", + "issuer" : "spacedeck_local.m4lab.hft-stuttgart.de", + "logoutUrl": "https://transfer.hft-stuttgart.de/idp2/saml2/idp/SingleLogoutService.php" } diff --git a/middlewares/session.js b/middlewares/session.js index b9e8a0bfa4493dee03811c11d0518f981f0474f9..a1306933ff0c4394ca54f6101f6e08dea9dbe7fc 100644 --- a/middlewares/session.js +++ b/middlewares/session.js @@ -35,7 +35,7 @@ module.exports = (req, res, next) => { else db.User.findOne({where: {_id: session.user_id}}) .then(user => { if (!user) { - var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname; + var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname; res.clearCookie('sdsession', { domain: domain }); if (req.accepts("text/html")) { diff --git a/routes/root.js b/routes/root.js index ccbc5446890298a04790f959a49d7191873109ea..a827bff5d6927d3db269ec2147f1bcdf313288e6 100644 --- a/routes/root.js +++ b/routes/root.js @@ -32,6 +32,7 @@ const uuidv4 = require('uuid/v4'); var samlStrategy = new SamlStrategy({ // URL that goes from the Identity Provider -> Service Provider callbackUrl: config.path, + logoutUrl: config.logoutUrl, entryPoint: config.entryPoint, issuer: config.issuer, 
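Review bot: The new `endpoint` value ends in a slash, while the templates changed in this same commit (views/index.ejs, views/layouts/outer-header.ejs, views/spacedeck.ejs) append `/images/...`, `/stylesheets/...` and `/javascripts/...` to it, so the rendered URLs contain `spacedeck//`. Whether that still resolves depends on how the proxy or static handler normalises paths, which is not visible here. Dropping the trailing slash keeps the concatenation consistent: `"endpoint": "http://localhost/spacedeck",`. The cookie-domain code only reads the hostname of this value, so it is unaffected either way.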
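Review bot: `path` stays at `http://localhost:9666/saml/SSO` although this commit moves `endpoint` to `http://localhost/spacedeck/`, and routes/root.js passes `config.path` to the SAML strategy as `callbackUrl`. If the app is now only reachable under the `/spacedeck/` prefix, the IdP would post assertions to an address that no longer reaches it; the value presumably should follow the endpoint, e.g. `"path" : "http://localhost/spacedeck/saml/SSO",`, to be confirmed against what is registered at the IdP. The hunk also adds a `logoutUrl` but nothing that records where the IdP should send the browser back after logout, so the new `/saml/SLO` route has to be registered at the IdP out of band; since JSON cannot carry a comment, that belongs in the deployment notes.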
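Review bot: The added `logoutUrl` line has no comment, unlike `callbackUrl` directly above it; something like `// IdP SingleLogoutService URL that logout requests are sent to` would match the existing style. `config.logoutUrl` is read as a plain property, so a deployment config that lacks the key yields `undefined` here rather than an error at startup; as far as I know passport-saml then falls back to `entryPoint` for logout, which is worth stating in that comment. The options object continues outside this hunk.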
@@ -148,7 +149,7 @@ router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: '/logi res.redirect(500, "/"); }) .then(() => { - var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname; + var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname; console.log("session set successfully"); res.cookie('sdsession', token, { domain: domain, httpOnly: true }); res.redirect(302, "/") 
@@ -245,10 +246,58 @@ router.get('/login', passport.authenticate('saml', // res.render('spacedeck', { config:config, user:req.user }); //}); +function samlLogout(req,res){ +console.log("enter samlLogout") +try{ + samlStrategy.logout(req, function(err,uri){ + if(err) console.log("can't generate logout URL: ${err}"); + req.logout(); + var token = req.cookies['sdsession']; + db.Session.findOne({where: {token: token}}) + .then(session => { + session.destroy(); + }); + var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname; + res.clearCookie('sdsession', { domain: domain }); + console.log("clear Cookie") + res.redirect(uri); + }); +}catch(err){ + if(err) console.log(`Exception on URL: ${err}`); + req.logout(); + var token = req.cookies['sdsession']; + db.Session.findOne({where: {token: token}}) + .then(session => { + session.destroy(); + }); + var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname; + res.clearCookie('sdsession', { domain: domain }); + console.log("clear Cookie on error") + res.redirect("/login"); + } +} + router.get('/logout', (req, res) => { - res.render('spacedeck', { config:config, user:req.user }); + console.log("logout pressed") + if (req.user == null) { + console.log("req.user == null"); + return res.redirect('/'); + } + samlLogout(req,res); }); +router.get('/saml/SLO', (req, res, next) => { + console.log("received logout request"); + var token=req.cookies['sdsession']; + if(token) { + return next(); + } else { + return res.redirect('/'); //best be landing page of everything + } + }, + samlLogout +); + router.get('/t/:id', (req, res) => { res.cookie('spacedeck_locale', req.params.id, { maxAge: 900000, httpOnly: true }); var path = "/"; diff --git a/views/index.ejs b/views/index.ejs index 6f494a144a0876bfb697d4b4b5bc23d24a498a1b..f7eb98d6a7474bb05d39b6658fb85a77048b9917 100644 --- a/views/index.ejs +++ b/views/index.ejs 
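Review bot: In `samlLogout` the failure path does not end the session cleanly: the first log call uses double quotes, so `${err}` is printed literally, and after an error the callback still runs `res.redirect(uri)` with whatever `uri` holds. The session lookup is also fire-and-forget: `session` can be null when the cookie is stale, which rejects with no `.catch`, and the redirect is sent before `destroy()` has finished, so the server-side token may outlive the cookie. The surrounding `try/catch` only sees synchronous throws from `samlStrategy.logout`, and both branches duplicate the same teardown. I would pull the teardown into one helper that waits for the row to be deleted and fall back to `/login` when no logout URL was produced, as sketched below. Separately, `/saml/SLO` runs the same function on any GET that carries the cookie without looking at the SAML message, which deserves at least a comment and preferably a validation step.

```javascript
// Deletes the server-side session row (if any) and clears the cookie.
function endLocalSession(req, res) {
  var token = req.cookies['sdsession'];
  var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname;
  req.logout();
  res.clearCookie('sdsession', { domain: domain });
  if (!token) return Promise.resolve();
  return db.Session.findOne({where: {token: token}})
    .then(session => session ? session.destroy() : null)
    .catch(err => console.error(`could not delete session: ${err}`));
}

function samlLogout(req, res) {
  // Redirect only after the local session is gone; no URL means local-only logout.
  var finish = uri => endLocalSession(req, res).then(() => res.redirect(uri || "/login"));
  try {
    samlStrategy.logout(req, (err, uri) => {
      if (err) console.error(`can't generate logout URL: ${err}`);
      finish(err ? null : uri);
    });
  } catch (err) {
    console.error(`Exception on URL: ${err}`);
    finish(null);
  }
}

// … unchanged: router.get('/logout') and router.get('/saml/SLO') …
```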
@@ -19,7 +19,7 @@ <li>Shared Whiteboards</li> <li>Design Thinking</li> </ul> - <img src="/images/sd6-screenshot.png" alt="Screenshot of Spacedeck 6.0"> + <img src="<%= config.endpoint %>/images/sd6-screenshot.png" alt="Screenshot of Spacedeck 6.0"> <p> The hosted version of Spacedeck 6.0 is currently in beta and invite only. You can also self-host and <a href="https://github.com/spacedeck/spacedeck-open">participate in the open source development</a>. </p> diff --git a/views/layouts/outer-header.ejs b/views/layouts/outer-header.ejs index 73eefacf187ca9820745450d19f72d9676750dc2..720183608e9ea969d7af61f1d1eb6f13268009fe 100644 --- a/views/layouts/outer-header.ejs +++ b/views/layouts/outer-header.ejs 
@@ -7,22 +7,21 @@ <meta name="viewport" content="width=device-width, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no" /> <meta name="apple-mobile-web-app-capable" content="yes"> <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" /> - <link href="/images/favicon.png" rel="icon" type="image/x-icon" /> - <link rel="stylesheet" href="/stylesheets/style.css"> + <link href="<%= config.endpoint %>/images/favicon.png" rel="icon" type="image/x-icon" /> + <link rel="stylesheet" href="<%= config.endpoint %>/stylesheets/style.css"> </head> <body> <header id="landing-header" class="header"> <div class="header-left"> - <a class="btn btn-transparent btn-nude" href="<%= config.endpoint %>/"><img src="/images/sd6-logo-black.svg" width="190"></a> + <a class="btn btn-transparent btn-nude" href="<%= config.endpoint %>/"><img src="<%= config.endpoint %>/images/sd6-logo-black.svg" width="190"></a> </div> <div class="header-right pull-right"> <% if (!user) { %> - <a class="btn btn-md btn-dark btn-round" href="/login"><%=__("login")%></a> - <a class="btn btn-md btn-dark btn-round" href="/signup"><%=__("signup")%></a> + <a class="btn btn-md btn-dark btn-round" href="<%= config.endpoint %>/login"><%=__("login")%></a> <% } else { %> - <a class="btn btn-md btn-dark btn-round" href="/spaces"><%=__("spaces")%></a> - <a class="btn btn-md btn-dark btn-round" href="/logout"><%=__("logout")%></a> + <a class="btn btn-md btn-dark btn-round" href="<%= config.endpoint %>/spaces"><%=__("spaces")%></a> + <a class="btn btn-md btn-dark btn-round" href="<%= config.endpoint %>/logout"><%=__("logout")%></a> <% } %> </div> diff --git a/views/partials/folders.html b/views/partials/folders.html index 1069775fdd48621e86e9e5f406f92b1f44184949..f98576d2a52bc889578b30d8a9985052fd8f2835 100644 --- a/views/partials/folders.html +++ b/views/partials/folders.html 
@@ -71,11 +71,11 @@ </a> </li> - <li v-on:click="logout()"> - <span> + <li> + <a href="/"> <span class="icon icon-sm icon-logout"></span> - <span><%= __('log_out') %></span> - </span> + <span>Start</span> + </a> </li> </ul> </div> diff --git a/views/spacedeck.ejs b/views/spacedeck.ejs index 20b841fb082ea31bb6f9d35634aae8fbafab6b25..ff285aae9568713d1ba42a5f8c38a18414eadb9e 100644 --- a/views/spacedeck.ejs +++ b/views/spacedeck.ejs @@ -8,9 +8,9 @@ <meta name="apple-mobile-web-app-capable" content="yes"> <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" /> - <link href="/images/favicon.png" rel="icon" type="image/x-icon" /> + <link href="<%= config.endpoint %>/images/favicon.png" rel="icon" type="image/x-icon" /> <link href='https://fonts.googleapis.com/css?family=Inter' rel='stylesheet' type='text/css'> - <link rel="stylesheet" href="/stylesheets/style.css"> + <link rel="stylesheet" href="<%= config.endpoint %>/stylesheets/style.css"> <script>if (typeof module === 'object') {window.module = module; module = undefined;}</script> 
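Review bot: This hunk removes the logout entry from the menu and replaces it with a link to `/` that keeps the `icon-logout` glyph, so a signed-in user can no longer end the session from here even though the same commit adds a working `/logout` route. On shared machines that leaves the `sdsession` cookie and the server-side session alive until they expire. Pointing the entry at the new route would keep the behaviour users expect: `<a href="<%= config.endpoint %>/logout">` with the original `<span><%= __('log_out') %></span>` label instead of the hard-coded `Start`. This assumes `config` is available in this partial as it is in the other views; if the Start link is intentional, it should at least use the endpoint prefix and a translated label like the rest of the commit.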
@@ -25,40 +25,40 @@ }; </script> - <script src="/javascripts/jquery-2.1.4.min.js"></script> - <script src="/javascripts/i18next-1.11.2.js"></script> - <script src="/javascripts/clipboard.js"></script> + <script src="<%= config.endpoint %>/javascripts/jquery-2.1.4.min.js"></script> + <script src="<%= config.endpoint %>/javascripts/i18next-1.11.2.js"></script> + <script src="<%= config.endpoint %>/javascripts/clipboard.js"></script> - <script src="/javascripts/lodash.compat.js"></script> - <script src="/javascripts/fastclick.js"></script> - <script src="/javascripts/vue.js"></script> - <script src="/javascripts/moment.js"></script> - <script src="/javascripts/medium.patched.js"></script> - <script src="/javascripts/route-recognizer.js"></script> + <script src="<%= config.endpoint %>/javascripts/lodash.compat.js"></script> + <script src="<%= config.endpoint %>/javascripts/fastclick.js"></script> + <script src="<%= config.endpoint %>/javascripts/vue.js"></script> + <script src="<%= config.endpoint %>/javascripts/moment.js"></script> + <script src="<%= config.endpoint %>/javascripts/medium.patched.js"></script> + <script src="<%= config.endpoint %>/javascripts/route-recognizer.js"></script> - <script src="/javascripts/backend.js"></script> - <script src="/javascripts/link_parser.js"></script> - <script src="/javascripts/vector-render.js"></script> - <script src="/javascripts/mousetrap.js"></script> - <script src="/javascripts/smoke.js"></script> - <script src="/javascripts/helper.js"></script> - <script src="/javascripts/packer.growing.js"></script> + <script src="<%= config.endpoint %>/javascripts/backend.js"></script> + <script src="<%= config.endpoint %>/javascripts/link_parser.js"></script> + <script src="<%= config.endpoint %>/javascripts/vector-render.js"></script> + <script src="<%= config.endpoint %>/javascripts/mousetrap.js"></script> + <script src="<%= config.endpoint %>/javascripts/smoke.js"></script> + <script src="<%= config.endpoint 
%>/javascripts/helper.js"></script> + <script src="<%= config.endpoint %>/javascripts/packer.growing.js"></script> - <script src="/javascripts/spacedeck_routes.js"></script> - <script src="/javascripts/spacedeck_formatting.js"></script> - <script src="/javascripts/spacedeck_sections.js"></script> - <script src="/javascripts/spacedeck_spaces.js"></script> - <script src="/javascripts/spacedeck_teams.js"></script> - <script src="/javascripts/spacedeck_board_artifacts.js"></script> - <script src="/javascripts/spacedeck_users.js"></script> - <script src="/javascripts/spacedeck_account.js"></script> - <script src="/javascripts/spacedeck_modals.js"></script> - <script src="/javascripts/spacedeck_avatars.js"></script> - <script src="/javascripts/spacedeck_websockets.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_routes.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_formatting.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_sections.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_spaces.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_teams.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_board_artifacts.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_users.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_account.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_modals.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_avatars.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_websockets.js"></script> - <script src="/javascripts/spacedeck_whiteboard.js"></script> - <script src="/javascripts/spacedeck_directives.js"></script> - <script src="/javascripts/spacedeck_vue.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_whiteboard.js"></script> + <script src="<%= config.endpoint 
%>/javascripts/spacedeck_directives.js"></script> + <script src="<%= config.endpoint %>/javascripts/spacedeck_vue.js"></script> <script>if (window.module) module = window.module;</script> </head>
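Review bot: Every script `src` in this block now embeds the full `config.endpoint`, scheme and host included, so the origin the browser loads application code from is decided by a config string rather than by the page's own origin. With the default `http://localhost/spacedeck/` value, a page served over HTTPS would request all of these scripts over plain HTTP, which browsers block as mixed content, and a page served under another hostname would load them cross-origin. A path-only prefix avoids this, for example passing the pathname of the endpoint to the view once and writing `<script src="<%= basePath %>/javascripts/vue.js"></script>`, where `basePath` is a placeholder name for that local. The same applies to the stylesheet and favicon links in the first hunk of this file and in views/layouts/outer-header.ejs.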