authorLibravatar Tobi Smethurst <31960611+tsmethurst@users.noreply.github.com>2021-07-23 10:36:28 +0200
committerLibravatar GitHub <noreply@github.com>2021-07-23 10:36:28 +0200
commit05e9af089c3041fa162e4dca3b1c5906496e8e90 (patch)
tree6972d56a2ab5b5216ba7ec7c951605a775ac1c18 /internal/api/client/auth/signin.go
parentlil webfingy fix (#106) (diff)
downloadgotosocial-05e9af089c3041fa162e4dca3b1c5906496e8e90.tar.xz
Oidc (#109)
* add oidc config * inching forward with oidc idp * lil webfingy fix * bit more progress * further oidc * oidc now working * document dex config * replace broken images * add additional credits * tiny doc update * update * add oidc config * inching forward with oidc idp * bit more progress * further oidc * oidc now working * document dex config * replace broken images * add additional credits * tiny doc update * update * document * docs + comments
Diffstat (limited to 'internal/api/client/auth/signin.go')
-rw-r--r--internal/api/client/auth/signin.go22
1 files changed, 21 insertions, 1 deletions
diff --git a/internal/api/client/auth/signin.go b/internal/api/client/auth/signin.go
index 7974a8cfa..543505cbd 100644
--- a/internal/api/client/auth/signin.go
+++ b/internal/api/client/auth/signin.go
@@ -39,7 +39,24 @@ type login struct {
// The idea is to present a sign in page to the user, where they can enter their username and password.
// The form will then POST to the sign in page, which will be handled by SignInPOSTHandler
func (m *Module) SignInGETHandler(c *gin.Context) {
- m.log.WithField("func", "SignInGETHandler").Trace("serving sign in html")
+ l := m.log.WithField("func", "SignInGETHandler")
+ l.Trace("entering sign in handler")
+ if m.idp != nil {
+ s := sessions.Default(c)
+
+ stateI := s.Get(sessionState)
+ state, ok := stateI.(string)
+ if !ok {
+ m.clearSession(s)
+ c.JSON(http.StatusForbidden, gin.H{"error": "state not found in session"})
+ return
+ }
+
+ redirect := m.idp.AuthCodeURL(state)
+ l.Debugf("redirecting to external idp at %s", redirect)
+ c.Redirect(http.StatusSeeOther, redirect)
+ return
+ }
c.HTML(http.StatusOK, "sign-in.tmpl", gin.H{})
}
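Review bot: The session `state` check in the new `m.idp != nil` branch only tests the type assertion, so an empty string stored in the session would pass and be sent to the provider as the anti-CSRF state; the guard should read `if !ok || state == "" {`. The `l.Debugf` line then writes the full authorization URL, which carries that state value, to the log; a fixed message such as `l.Debug("redirecting to external idp")` keeps it out of log storage. Whether the callback handler compares the returned state with the session copy is not visible in this hunk and is worth confirming alongside this change.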
@@ -52,6 +69,7 @@ func (m *Module) SignInPOSTHandler(c *gin.Context) {
form := &login{}
if err := c.ShouldBind(form); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+ m.clearSession(s)
return
}
l.Tracef("parsed form: %+v", form)
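Review bot: `m.clearSession(s)` is called after `c.JSON` has already written the response, so if clearing the session has to update the session cookie, that header can no longer be sent; moving `m.clearSession(s)` above the `c.JSON` line avoids this. The same order appears in the two additions in the next hunk, after the `ValidatePassword` failure and after the `s.Save()` failure. The body of `clearSession` is not shown here, so how it persists the change should be confirmed. Separately, the unchanged `l.Tracef("parsed form: %+v", form)` line prints the whole login struct, including the field the next hunk reads as `form.Password`, into the trace log; logging only `form.Email` would keep credentials out of logs.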
@@ -59,12 +77,14 @@ func (m *Module) SignInPOSTHandler(c *gin.Context) {
userid, err := m.ValidatePassword(form.Email, form.Password)
if err != nil {
c.String(http.StatusForbidden, err.Error())
+ m.clearSession(s)
return
}
s.Set(sessionUserID, userid)
if err := s.Save(); err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+ m.clearSession(s)
return
}