mirror of
https://github.com/wekan/wekan.git
synced 2025-12-16 23:40:13 +01:00
Revert autologin, because it broke OIDC login with Keycloak.
Thanks to wb9688 and xet7 ! Fixes #4660, related https://github.com/wekan/wekan/pull/4588
This commit is contained in:
Lauri Ojansivu
parent
fbe1f5f948
commit
43a7096753
5 changed files with 34 additions and 93 deletions
|
|
@ -4,7 +4,7 @@ BlazeLayout.setRoot('body');
|
|||
|
||||
let alreadyCheck = 1;
|
||||
let isCheckDone = false;
|
||||
let counter = 0;
|
||||
|
||||
const validator = {
|
||||
set(obj, prop, value) {
|
||||
if (prop === 'state' && value !== 'signIn') {
|
||||
|
|
@ -50,18 +50,6 @@ Template.userFormsLayout.onCreated(function () {
|
|||
}
|
||||
});
|
||||
|
||||
if (!Meteor.user()?.profile) {
|
||||
Meteor.call('isOidcRedirectionEnabled', (_, result) => {
|
||||
if (result) {
|
||||
AccountsTemplates.options.socialLoginStyle = 'redirect';
|
||||
options = {
|
||||
loginStyle: AccountsTemplates.options.socialLoginStyle,
|
||||
};
|
||||
Meteor.loginWithOidc(options);
|
||||
}
|
||||
else console.log("oidc redirect not set");
|
||||
});
|
||||
}
|
||||
Meteor.call('isDisableRegistration', (_, result) => {
|
||||
if (result) {
|
||||
$('.at-signup-link').hide();
|
||||
|
|
@ -279,6 +267,7 @@ function getUserAuthenticationMethod(defaultAuthenticationMethod, match) {
|
|||
Meteor.subscribe('user-authenticationMethod', match, {
|
||||
onReady() {
|
||||
const user = Users.findOne();
|
||||
|
||||
const authenticationMethod = user
|
||||
? user.authenticationMethod
|
||||
: defaultAuthenticationMethod;
|
||||
|
|
|
|||
|
|
@ -5,16 +5,6 @@ const emailField = AccountsTemplates.removeField('email');
|
|||
let disableRegistration = false;
|
||||
let disableForgotPassword = false;
|
||||
let passwordLoginDisabled = false;
|
||||
let oidcRedirectionEnabled = false;
|
||||
let oauthServerUrl = "home";
|
||||
let oauthDashboardUrl = "";
|
||||
|
||||
Meteor.call('isOidcRedirectionEnabled', (_, result) => {
|
||||
if(result)
|
||||
{
|
||||
oidcRedirectionEnabled = true;
|
||||
}
|
||||
});
|
||||
|
||||
Meteor.call('isPasswordLoginDisabled', (_, result) => {
|
||||
if (result) {
|
||||
|
|
@ -24,18 +14,6 @@ Meteor.call('isPasswordLoginDisabled', (_, result) => {
|
|||
}
|
||||
});
|
||||
|
||||
Meteor.call('getOauthServerUrl', (_, result) => {
|
||||
if (result) {
|
||||
oauthServerUrl = result;
|
||||
}
|
||||
});
|
||||
|
||||
Meteor.call('getOauthDashboardUrl', (_, result) => {
|
||||
if (result) {
|
||||
oauthDashboardUrl = result;
|
||||
}
|
||||
});
|
||||
|
||||
Meteor.call('isDisableRegistration', (_, result) => {
|
||||
if (result) {
|
||||
disableRegistration = true;
|
||||
|
|
@ -81,20 +59,12 @@ AccountsTemplates.configure({
|
|||
showForgotPasswordLink: !disableForgotPassword,
|
||||
forbidClientAccountCreation: disableRegistration,
|
||||
onLogoutHook() {
|
||||
// here comeslogic for redirect
|
||||
if(oidcRedirectionEnabled)
|
||||
{
|
||||
window.location = oauthServerUrl + oauthDashboardUrl;
|
||||
}
|
||||
else
|
||||
{
|
||||
const homePage = 'home';
|
||||
if (FlowRouter.getRouteName() === homePage) {
|
||||
FlowRouter.reload();
|
||||
} else {
|
||||
FlowRouter.go(homePage);
|
||||
}
|
||||
}
|
||||
},
|
||||
});
|
||||
|
||||
|
|
|
|||
|
|
@ -229,12 +229,6 @@ if (Meteor.isServer) {
|
|||
]);
|
||||
}
|
||||
|
||||
function loadOidcConfig(service){
|
||||
check(service, String);
|
||||
var config = ServiceConfiguration.configurations.findOne({service: service});
|
||||
return config;
|
||||
}
|
||||
|
||||
function sendInvitationEmail(_id) {
|
||||
const icode = InvitationCodes.findOne(_id);
|
||||
const author = Users.findOne(Meteor.userId());
|
||||
|
|
@ -501,12 +495,6 @@ if (Meteor.isServer) {
|
|||
};
|
||||
},
|
||||
|
||||
getOauthServerUrl(){
|
||||
return process.env.OAUTH2_SERVER_URL;
|
||||
},
|
||||
getOauthDashboardUrl(){
|
||||
return process.env.DASHBOARD_URL;
|
||||
},
|
||||
getDefaultAuthenticationMethod() {
|
||||
return process.env.DEFAULT_AUTHENTICATION_METHOD;
|
||||
},
|
||||
|
|
@ -514,12 +502,6 @@ if (Meteor.isServer) {
|
|||
isPasswordLoginDisabled() {
|
||||
return process.env.PASSWORD_LOGIN_ENABLED === 'false';
|
||||
},
|
||||
isOidcRedirectionEnabled(){
|
||||
return process.env.OIDC_REDIRECTION_ENABLED === 'true' && Object.keys(loadOidcConfig("oidc")).length > 0;
|
||||
},
|
||||
getServiceConfiguration(service){
|
||||
return loadOidcConfig(service);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -7,11 +7,11 @@ if (Meteor.isClient) {
|
|||
callback = options;
|
||||
options = null;
|
||||
}
|
||||
|
||||
var credentialRequestCompleteCallback = Accounts.oauth.credentialRequestCompleteHandler(callback);
|
||||
Oidc.requestCredential(options, credentialRequestCompleteCallback);
|
||||
};
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
Accounts.addAutopublishFields({
|
||||
// not sure whether the OIDC api can be used from the browser,
|
||||
// thus not sure if we should be sending access tokens; but we do it
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue