Wolfgang Knopki · a0fb802f · Wolfgang Knopki
--- a/config/default.json

+ 4

- 3

View file @ a0fb802f

Edit in single-file editor

Open in Web IDE
+++ b/config/default.json

+ 4

- 3

View file @ a0fb802f

Edit in single-file editor

Open in Web IDE
 @@ -4,7 +4,7 @@

  "host": "::",
  "port": 9666,
-  "endpoint": "http://localhost:9666",
+  "endpoint": "http://localhost/spacedeck/",
  "invite_code": "top-sekrit",

  "storage_region": "eu-central-1",
 @@ -32,6 +32,7 @@
  "mail_smtp_pass": "your.secret.smtp.password",

  "path" : "http://localhost:9666/saml/SSO",
-  "entryPoint" : "https://m4lab.hft-stuttgart.de/idp/saml2/idp/SSOService.php",
-  "issuer" : "spacedeck.m4lab.hft-stuttgart.de"
+  "entryPoint" : "https://transfer.hft-stuttgart.de/idp2/saml2/idp/SSOService.php",
+  "issuer" : "spacedeck_local.m4lab.hft-stuttgart.de",
+  "logoutUrl": "https://transfer.hft-stuttgart.de/idp2/saml2/idp/SingleLogoutService.php"
 }
--- a/middlewares/session.js

+ 1

- 1

View file @ a0fb802f

Edit in single-file editor

Open in Web IDE
+++ b/middlewares/session.js

+ 1

- 1

View file @ a0fb802f

Edit in single-file editor

Open in Web IDE
 @@ -35,7 +35,7 @@ module.exports = (req, res, next) => {
        else db.User.findOne({where: {_id: session.user_id}})
          .then(user => {
            if (!user) {
-              var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname;
+              var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname;
              res.clearCookie('sdsession', { domain: domain });

              if (req.accepts("text/html")) {

--- a/routes/root.js

+ 51

- 2

View file @ a0fb802f

Edit in single-file editor

Open in Web IDE
+++ b/routes/root.js

+ 51

- 2

View file @ a0fb802f

Edit in single-file editor

Open in Web IDE
 @@ -32,6 +32,7 @@ const uuidv4 = require('uuid/v4');
  var samlStrategy = new SamlStrategy({
      // URL that goes from the Identity Provider -> Service Provider
      callbackUrl: config.path,
+      logoutUrl: config.logoutUrl,

      entryPoint: config.entryPoint,
      issuer: config.issuer,
 @@ -148,7 +149,7 @@ router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: '/logi
                                      res.redirect(500, "/");
                                    })
                                    .then(() => {
-                                      var domain = (process.env.NODE_ENV == "production") ? new URL(config.get('endpoint')).hostname : req.headers.hostname;
+                                      var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname;
                                      console.log("session set successfully");
                                      res.cookie('sdsession', token, { domain: domain, httpOnly: true });
                                      res.redirect(302, "/")
 @@ -245,10 +246,58 @@ router.get('/login', passport.authenticate('saml',
 //  res.render('spacedeck', { config:config, user:req.user });
 //});

+function samlLogout(req,res){
+console.log("enter samlLogout")
+try{
+    samlStrategy.logout(req, function(err,uri){
+        if(err) console.log("can't generate logout URL: ${err}");
+        req.logout();
+        var token = req.cookies['sdsession'];
+        db.Session.findOne({where: {token: token}})
+            .then(session => {
+                session.destroy();
+            });
+        var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname;
+        res.clearCookie('sdsession', { domain: domain });
+        console.log("clear Cookie")
+        res.redirect(uri);
+    });
+}catch(err){
+    if(err) console.log(`Exception on URL: ${err}`);
+    req.logout();
+    var token = req.cookies['sdsession'];
+    db.Session.findOne({where: {token: token}})
+        .then(session => {
+            session.destroy();
+        });
+    var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname;
+    res.clearCookie('sdsession', { domain: domain });
+    console.log("clear Cookie on error")
+    res.redirect("/login");
+    }
+}
+
 router.get('/logout', (req, res) => {
-  res.render('spacedeck', { config:config, user:req.user });
+    console.log("logout pressed")
+    if (req.user == null) {
+        console.log("req.user == null");
+        return res.redirect('/');
+    }
+    samlLogout(req,res);
 });

+router.get('/saml/SLO', (req, res, next) => {
+        console.log("received logout request");
+        var token=req.cookies['sdsession'];
+        if(token) {
+            return next();
+        } else {
+            return res.redirect('/'); //best be landing page of everything
+        }
+    },
+    samlLogout
+);
+
 router.get('/t/:id', (req, res) => {
  res.cookie('spacedeck_locale', req.params.id, { maxAge: 900000, httpOnly: true });
  var path = "/";

--- a/views/layouts/outer-header.ejs

+ 6

- 7

View file @ a0fb802f

Edit in single-file editor

Open in Web IDE
+++ b/views/layouts/outer-header.ejs

+ 6

- 7

View file @ a0fb802f

Edit in single-file editor

Open in Web IDE
 @@ -7,22 +7,21 @@
    <meta name="viewport" content="width=device-width, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no" />
    <meta name="apple-mobile-web-app-capable" content="yes">
    <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" />
-    <link href="/images/favicon.png" rel="icon" type="image/x-icon" />
-    <link rel="stylesheet" href="/stylesheets/style.css">
+    <link href="<%= config.endpoint %>/images/favicon.png" rel="icon" type="image/x-icon" />
+    <link rel="stylesheet" href="<%= config.endpoint %>/stylesheets/style.css">
  </head>
  <body>
    <header id="landing-header" class="header">
      <div class="header-left">
-        <a class="btn btn-transparent btn-nude" href="<%= config.endpoint %>/"><img src="/images/sd6-logo-black.svg" width="190"></a>
+        <a class="btn btn-transparent btn-nude" href="<%= config.endpoint %>/"><img src="<%= config.endpoint %>/images/sd6-logo-black.svg" width="190"></a>
      </div>

      <div class="header-right pull-right">
        <% if (!user) { %>
-          <a class="btn btn-md btn-dark btn-round" href="/login"><%=__("login")%></a>
-          <a class="btn btn-md btn-dark btn-round" href="/signup"><%=__("signup")%></a>
+          <a class="btn btn-md btn-dark btn-round" href="<%= config.endpoint %>/login"><%=__("login")%></a>
        <% } else { %>
-          <a class="btn btn-md btn-dark btn-round" href="/spaces"><%=__("spaces")%></a>
-          <a class="btn btn-md btn-dark btn-round" href="/logout"><%=__("logout")%></a>
+          <a class="btn btn-md btn-dark btn-round" href="<%= config.endpoint %>/spaces"><%=__("spaces")%></a>
+          <a class="btn btn-md btn-dark btn-round" href="<%= config.endpoint %>/logout"><%=__("logout")%></a>
        <% } %>

      </div>

--- a/views/partials/folders.html

+ 4

- 4

View file @ a0fb802f

Edit in single-file editor

Open in Web IDE
+++ b/views/partials/folders.html

+ 4

- 4

View file @ a0fb802f

Edit in single-file editor

Open in Web IDE
 @@ -71,11 +71,11 @@
            </a>
          </li>

-          <li v-on:click="logout()">
-            <span>
+          <li>
+            <a href="/">
              <span class="icon icon-sm  icon-logout"></span>
-              <span><%=  __('log_out') %></span>
-            </span>
+              <span>Start</span>
+            </a>
          </li>
        </ul>
      </div>