From ba02f861bf72b5488452046feec71d622e710c0f Mon Sep 17 00:00:00 2001 From: Wolfgang Knopki Date: Fri, 18 Sep 2020 12:04:12 +0200 Subject: [PATCH 1/4] [slo] added slo functionality to main logoutbutton --- config/default.json | 3 ++- routes/root.js | 51 ++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 52 insertions(+), 2 deletions(-) diff --git a/config/default.json b/config/default.json index cd012ee..ff977c2 100644 --- a/config/default.json +++ b/config/default.json @@ -33,5 +33,6 @@ "path" : "http://localhost:9666/saml/SSO", "entryPoint" : "https://m4lab.hft-stuttgart.de/idp/saml2/idp/SSOService.php", - "issuer" : "spacedeck.m4lab.hft-stuttgart.de" + "issuer" : "spacedeck.m4lab.hft-stuttgart.de", + "logoutUrl": "https://m4lab.hft-stuttgart.de/idp/saml2/idp/SingleLogoutService.php" } diff --git a/routes/root.js b/routes/root.js index ccbc544..81892e0 100644 --- a/routes/root.js +++ b/routes/root.js @@ -32,6 +32,7 @@ const uuidv4 = require('uuid/v4'); var samlStrategy = new SamlStrategy({ // URL that goes from the Identity Provider -> Service Provider callbackUrl: config.path, + logoutUrl: config.logoutUrl, entryPoint: config.entryPoint, issuer: config.issuer, @@ -245,10 +246,58 @@ router.get('/login', passport.authenticate('saml', // res.render('spacedeck', { config:config, user:req.user }); //}); +function samlLogout(req,res){ +console.log("enter samlLogout") +try{ + samlStrategy.logout(req, function(err,uri){ + if(err) console.log("can't generate logout URL: ${err}"); + req.logout(); + var token = req.cookies['sdsession']; + db.Session.findOne({where: {token: token}}) + .then(session => { + session.destroy(); + }); + var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname; + res.clearCookie('sdsession', { domain: domain }); + console.log("clear Cookie") + res.redirect(uri); + }); +}catch(err){ + if(err) console.log(`Exception on URL: ${err}`); + req.logout(); + var token = req.cookies['sdsession']; + db.Session.findOne({where: {token: token}}) + .then(session => { + session.destroy(); + }); + var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname; + res.clearCookie('sdsession', { domain: domain }); + console.log("clear Cookie on error") + res.redirect("/login"); + } +} + router.get('/logout', (req, res) => { - res.render('spacedeck', { config:config, user:req.user }); + console.log("logout pressed") + if (req.user == null) { + console.log("req.user == null"); + return res.redirect('/'); + } + samlLogout(req,res); }); +router.get('/saml/SLO', (req, res, next) => { + console.log("received logout request"); + var token=req.cookies['sdsession']; + if(token) { + return next(); + } else { + return res.redirect('/'); //best be landing page of everything + } + }, + samlLogout +); + router.get('/t/:id', (req, res) => { res.cookie('spacedeck_locale', req.params.id, { maxAge: 900000, httpOnly: true }); var path = "/"; -- GitLab From 922f2f153f63c850e25c1d0cb95d1173800f4615 Mon Sep 17 00:00:00 2001 From: Wolfgang Knopki Date: Fri, 18 Sep 2020 12:09:48 +0200 Subject: [PATCH 2/4] [slo] account logout also redirects to /logout, removed sign-up button --- views/layouts/outer-header.ejs | 1 - views/partials/folders.html | 6 +++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/views/layouts/outer-header.ejs b/views/layouts/outer-header.ejs index 73eefac..916c57a 100644 --- a/views/layouts/outer-header.ejs +++ b/views/layouts/outer-header.ejs @@ -19,7 +19,6 @@
<% if (!user) { %> <%=__("login")%> - <%=__("signup")%> <% } else { %> <%=__("spaces")%> <%=__("logout")%> diff --git a/views/partials/folders.html b/views/partials/folders.html index 1069775..e9df345 100644 --- a/views/partials/folders.html +++ b/views/partials/folders.html @@ -71,11 +71,11 @@ -
  • - +
  • + <%= __('log_out') %> - +
  • -- GitLab From 9ea3a6f3312f0eef0edd08f91982b7e561ed9197 Mon Sep 17 00:00:00 2001 From: Wolfgang Knopki Date: Fri, 18 Sep 2020 12:25:25 +0200 Subject: [PATCH 3/4] [slo] account logout button removed, now goes back to main page, where logout works flawlessly --- views/partials/folders.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/views/partials/folders.html b/views/partials/folders.html index e9df345..f98576d 100644 --- a/views/partials/folders.html +++ b/views/partials/folders.html @@ -72,9 +72,9 @@
  • - + - <%= __('log_out') %> + Start
  • -- GitLab From a0fb802f8ba45cdd04977e2e3bd9ba9196d96f7f Mon Sep 17 00:00:00 2001 From: Wolfgang Knopki Date: Tue, 20 Oct 2020 14:21:22 +0200 Subject: [PATCH 4/4] add prefix functionality through proper endpoint config propagation --- config/default.json | 8 ++--- middlewares/session.js | 2 +- routes/root.js | 6 ++-- views/index.ejs | 2 +- views/layouts/outer-header.ejs | 12 +++---- views/spacedeck.ejs | 64 +++++++++++++++++----------------- 6 files changed, 47 insertions(+), 47 deletions(-) diff --git a/config/default.json b/config/default.json index ff977c2..768e5a2 100644 --- a/config/default.json +++ b/config/default.json @@ -4,7 +4,7 @@ "host": "::", "port": 9666, - "endpoint": "http://localhost:9666", + "endpoint": "http://localhost/spacedeck/", "invite_code": "top-sekrit", "storage_region": "eu-central-1", @@ -32,7 +32,7 @@ "mail_smtp_pass": "your.secret.smtp.password", "path" : "http://localhost:9666/saml/SSO", - "entryPoint" : "https://m4lab.hft-stuttgart.de/idp/saml2/idp/SSOService.php", - "issuer" : "spacedeck.m4lab.hft-stuttgart.de", - "logoutUrl": "https://m4lab.hft-stuttgart.de/idp/saml2/idp/SingleLogoutService.php" + "entryPoint" : "https://transfer.hft-stuttgart.de/idp2/saml2/idp/SSOService.php", + "issuer" : "spacedeck_local.m4lab.hft-stuttgart.de", + "logoutUrl": "https://transfer.hft-stuttgart.de/idp2/saml2/idp/SingleLogoutService.php" } diff --git a/middlewares/session.js b/middlewares/session.js index b9e8a0b..a130693 100644 --- a/middlewares/session.js +++ b/middlewares/session.js @@ -35,7 +35,7 @@ module.exports = (req, res, next) => { else db.User.findOne({where: {_id: session.user_id}}) .then(user => { if (!user) { - var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname; + var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname; res.clearCookie('sdsession', { domain: domain }); if (req.accepts("text/html")) { diff --git a/routes/root.js b/routes/root.js index 81892e0..a827bff 100644 --- a/routes/root.js +++ b/routes/root.js @@ -149,7 +149,7 @@ router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: '/logi res.redirect(500, "/"); }) .then(() => { - var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname; + var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname; console.log("session set successfully"); res.cookie('sdsession', token, { domain: domain, httpOnly: true }); res.redirect(302, "/") @@ -257,7 +257,7 @@ try{ .then(session => { session.destroy(); }); - var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname; + var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname; res.clearCookie('sdsession', { domain: domain }); console.log("clear Cookie") res.redirect(uri); @@ -270,7 +270,7 @@ try{ .then(session => { session.destroy(); }); - var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname; + var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname; res.clearCookie('sdsession', { domain: domain }); console.log("clear Cookie on error") res.redirect("/login"); diff --git a/views/index.ejs b/views/index.ejs index 6f494a1..f7eb98d 100644 --- a/views/index.ejs +++ b/views/index.ejs @@ -19,7 +19,7 @@
  • Shared Whiteboards
  • Design Thinking
  • - Screenshot of Spacedeck 6.0 + Screenshot of Spacedeck 6.0

    The hosted version of Spacedeck 6.0 is currently in beta and invite only. You can also self-host and participate in the open source development.

    diff --git a/views/layouts/outer-header.ejs b/views/layouts/outer-header.ejs index 916c57a..7201836 100644 --- a/views/layouts/outer-header.ejs +++ b/views/layouts/outer-header.ejs @@ -7,21 +7,21 @@ - - + +
    - +
    diff --git a/views/spacedeck.ejs b/views/spacedeck.ejs index 20b841f..ff285aa 100644 --- a/views/spacedeck.ejs +++ b/views/spacedeck.ejs @@ -8,9 +8,9 @@ - + - + @@ -25,40 +25,40 @@ }; - - - + + + - - - - - - + + + + + + - - - - - - - + + + + + + + - - - - - - - - - - - + + + + + + + + + + + - - - + + + -- GitLab