diff --git a/config/default.json b/config/default.json
index cd012ee147ca9726b86ab669c2270ca95a6fac18..768e5a24f46fc16901a66a7799a766f3ec33950b 100644
--- a/config/default.json
+++ b/config/default.json
@@ -4,7 +4,7 @@
 "host": "::",
 "port": 9666,
- "endpoint": "http://localhost:9666",
+ "endpoint": "http://localhost/spacedeck/",
 "invite_code": "top-sekrit",
 "storage_region": "eu-central-1",
@@ -32,6 +32,7 @@
 "mail_smtp_pass": "your.secret.smtp.password",
 "path" : "http://localhost:9666/saml/SSO",
- "entryPoint" : "https://m4lab.hft-stuttgart.de/idp/saml2/idp/SSOService.php",
- "issuer" : "spacedeck.m4lab.hft-stuttgart.de"
+ "entryPoint" : "https://transfer.hft-stuttgart.de/idp2/saml2/idp/SSOService.php",
+ "issuer" : "spacedeck_local.m4lab.hft-stuttgart.de",
+ "logoutUrl": "https://transfer.hft-stuttgart.de/idp2/saml2/idp/SingleLogoutService.php"
 }
diff --git a/middlewares/session.js b/middlewares/session.js
index b9e8a0bfa4493dee03811c11d0518f981f0474f9..a1306933ff0c4394ca54f6101f6e08dea9dbe7fc 100644
--- a/middlewares/session.js
+++ b/middlewares/session.js
@@ -35,7 +35,7 @@ module.exports = (req, res, next) => {
 else db.User.findOne({where: {_id: session.user_id}})
 .then(user => {
 if (!user) {
- var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname;
+ var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname;
 res.clearCookie('sdsession', { domain: domain });
 if (req.accepts("text/html")) {
diff --git a/routes/root.js b/routes/root.js
index ccbc5446890298a04790f959a49d7191873109ea..a827bff5d6927d3db269ec2147f1bcdf313288e6 100644
--- a/routes/root.js
+++ b/routes/root.js
@@ -32,6 +32,7 @@ const uuidv4 = require('uuid/v4');
 var samlStrategy = new SamlStrategy({
 // URL that goes from the Identity Provider -> Service Provider
 callbackUrl: config.path,
+ logoutUrl: config.logoutUrl,
 entryPoint: config.entryPoint,
 issuer: config.issuer,
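Review bot: In config/default.json, `"path"` still reads `http://localhost:9666/saml/SSO` while the first hunk moves `"endpoint"` to `http://localhost/spacedeck/`, so the SAML callback URL handed to the IdP (routes/root.js passes `config.path` as `callbackUrl`) and the endpoint used for the cookie domain now name different origins. If the app is meant to be served under `/spacedeck/` behind a proxy, `path` presumably needs the same public base, otherwise the IdP posts assertions to a URL that bypasses it. The new `entryPoint`, `issuer` and `logoutUrl` are values for one specific IdP; placing them in an environment-specific config file rather than the shipped default keeps other deployments from inheriting them.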
@@ -148,7 +149,7 @@ router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: '/logi
 res.redirect(500, "/");
 })
 .then(() => {
- var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname;
+ var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname;
 console.log("session set successfully");
 res.cookie('sdsession', token, { domain: domain, httpOnly: true });
 res.redirect(302, "/")
@@ -245,10 +246,58 @@ router.get('/login', passport.authenticate('saml',
 // res.render('spacedeck', { config:config, user:req.user });
 //});
 
+function samlLogout(req,res){
+console.log("enter samlLogout")
+try{
+ samlStrategy.logout(req, function(err,uri){
+ if(err) console.log("can't generate logout URL: ${err}");
+ req.logout();
+ var token = req.cookies['sdsession'];
+ db.Session.findOne({where: {token: token}})
+ .then(session => {
+ session.destroy();
+ });
+ var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname;
+ res.clearCookie('sdsession', { domain: domain });
+ console.log("clear Cookie")
+ res.redirect(uri);
+ });
+}catch(err){
+ if(err) console.log(`Exception on URL: ${err}`);
+ req.logout();
+ var token = req.cookies['sdsession'];
+ db.Session.findOne({where: {token: token}})
+ .then(session => {
+ session.destroy();
+ });
+ var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname;
+ res.clearCookie('sdsession', { domain: domain });
+ console.log("clear Cookie on error")
+ res.redirect("/login");
+ }
+}
+
 router.get('/logout', (req, res) => {
- res.render('spacedeck', { config:config, user:req.user });
+ console.log("logout pressed")
+ if (req.user == null) {
+ console.log("req.user == null");
+ return res.redirect('/');
+ }
+ samlLogout(req,res);
 });
 
+router.get('/saml/SLO', (req, res, next) => {
+ console.log("received logout request");
+ var token=req.cookies['sdsession'];
+ if(token) {
+ return next();
+ } else {
+ return res.redirect('/'); //best be landing page of everything
+ }
+ },
+ samlLogout
+);
+
 router.get('/t/:id', (req, res) => {
 res.cookie('spacedeck_locale', req.params.id, { maxAge: 900000, httpOnly: true });
 var path = "/";
diff --git a/views/index.ejs b/views/index.ejs
index 6f494a144a0876bfb697d4b4b5bc23d24a498a1b..f7eb98d6a7474bb05d39b6658fb85a77048b9917 100644
--- a/views/index.ejs
+++ b/views/index.ejs
@@ -19,7 +19,7 @@
  • Shared Whiteboards
  • Design Thinking
  • - Screenshot of Spacedeck 6.0 + Screenshot of Spacedeck 6.0

    The hosted version of Spacedeck 6.0 is currently in beta and invite only. You can also self-host and participate in the open source development.

    diff --git a/views/layouts/outer-header.ejs b/views/layouts/outer-header.ejs index 73eefacf187ca9820745450d19f72d9676750dc2..720183608e9ea969d7af61f1d1eb6f13268009fe 100644 --- a/views/layouts/outer-header.ejs +++ b/views/layouts/outer-header.ejs @@ -7,22 +7,21 @@ - - + +
    - +
    <% if (!user) { %> - <%=__("login")%> - <%=__("signup")%> + <%=__("login")%> <% } else { %> - <%=__("spaces")%> - <%=__("logout")%> + <%=__("spaces")%> + <%=__("logout")%> <% } %>
    diff --git a/views/partials/folders.html b/views/partials/folders.html index 1069775fdd48621e86e9e5f406f92b1f44184949..f98576d2a52bc889578b30d8a9985052fd8f2835 100644 --- a/views/partials/folders.html +++ b/views/partials/folders.html @@ -71,11 +71,11 @@ -
  • - +
  • + - <%= __('log_out') %> - + Start +
  • diff --git a/views/spacedeck.ejs b/views/spacedeck.ejs index 20b841fb082ea31bb6f9d35634aae8fbafab6b25..ff285aae9568713d1ba42a5f8c38a18414eadb9e 100644 --- a/views/spacedeck.ejs +++ b/views/spacedeck.ejs @@ -8,9 +8,9 @@ - + - + @@ -25,40 +25,40 @@ }; - - - + + + - - - - - - + + + + + + - - - - - - - + + + + + + + - - - - - - - - - - - + + + + + + + + + + + - - - + + +