mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 01:36:00 -04:00
Skip intermediate login page with single provider
This commit is contained in:
parent
44013721f0
commit
d5ce6b680c
@ -13,6 +13,11 @@ return [
|
|||||||
// Options: standard, ldap, saml2, oidc
|
// Options: standard, ldap, saml2, oidc
|
||||||
'method' => env('AUTH_METHOD', 'standard'),
|
'method' => env('AUTH_METHOD', 'standard'),
|
||||||
|
|
||||||
|
// Automatically redirect to external login provider if only one provider is being used
|
||||||
|
// instead of displaying a single-button login page and requiring users to click through
|
||||||
|
// Supported methods: saml2, oidc
|
||||||
|
'auto_redirect' => env('AUTH_AUTO_REDIRECT', false),
|
||||||
|
|
||||||
// Authentication Defaults
|
// Authentication Defaults
|
||||||
// This option controls the default authentication "guard" and password
|
// This option controls the default authentication "guard" and password
|
||||||
// reset options for your application.
|
// reset options for your application.
|
||||||
|
@ -25,14 +25,14 @@ class LoginController extends Controller
|
|||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
use AuthenticatesUsers;
|
use AuthenticatesUsers { logout as traitLogout; }
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Redirection paths.
|
* Redirection paths.
|
||||||
*/
|
*/
|
||||||
protected $redirectTo = '/';
|
protected $redirectTo = '/';
|
||||||
protected $redirectPath = '/';
|
protected $redirectPath = '/';
|
||||||
protected $redirectAfterLogout = '/login';
|
protected $redirectAfterLogout = '/';
|
||||||
|
|
||||||
protected $socialAuthService;
|
protected $socialAuthService;
|
||||||
protected $loginService;
|
protected $loginService;
|
||||||
@ -50,7 +50,7 @@ class LoginController extends Controller
|
|||||||
$this->loginService = $loginService;
|
$this->loginService = $loginService;
|
||||||
|
|
||||||
$this->redirectPath = url('/');
|
$this->redirectPath = url('/');
|
||||||
$this->redirectAfterLogout = url('/login');
|
$this->redirectAfterLogout = url(config('auth.auto_redirect') ? '/login?logout=1' : '/');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function username()
|
public function username()
|
||||||
@ -73,6 +73,7 @@ class LoginController extends Controller
|
|||||||
{
|
{
|
||||||
$socialDrivers = $this->socialAuthService->getActiveDrivers();
|
$socialDrivers = $this->socialAuthService->getActiveDrivers();
|
||||||
$authMethod = config('auth.method');
|
$authMethod = config('auth.method');
|
||||||
|
$autoRedirect = config('auth.auto_redirect');
|
||||||
|
|
||||||
if ($request->has('email')) {
|
if ($request->has('email')) {
|
||||||
session()->flashInput([
|
session()->flashInput([
|
||||||
@ -84,6 +85,12 @@ class LoginController extends Controller
|
|||||||
// Store the previous location for redirect after login
|
// Store the previous location for redirect after login
|
||||||
$this->updateIntendedFromPrevious();
|
$this->updateIntendedFromPrevious();
|
||||||
|
|
||||||
|
if ($autoRedirect && !($request->has('logout') && $request->get('logout') == '1') && count($socialDrivers) == 0 && in_array($authMethod, ['oidc', 'saml2'])) {
|
||||||
|
return view('auth.login-redirect', [
|
||||||
|
'authMethod' => $authMethod,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
return view('auth.login', [
|
return view('auth.login', [
|
||||||
'socialDrivers' => $socialDrivers,
|
'socialDrivers' => $socialDrivers,
|
||||||
'authMethod' => $authMethod,
|
'authMethod' => $authMethod,
|
||||||
@ -251,4 +258,18 @@ class LoginController extends Controller
|
|||||||
|
|
||||||
redirect()->setIntendedUrl($previous);
|
redirect()->setIntendedUrl($previous);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Logout user and perform subsequent redirect.
|
||||||
|
*
|
||||||
|
* @param \Illuminate\Http\Request $request
|
||||||
|
*
|
||||||
|
* @return mixed
|
||||||
|
*/
|
||||||
|
public function logout(Request $request)
|
||||||
|
{
|
||||||
|
$this->traitLogout($request);
|
||||||
|
|
||||||
|
return redirect($this->redirectAfterLogout);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
16
resources/views/auth/login-redirect.blade.php
Normal file
16
resources/views/auth/login-redirect.blade.php
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="{{ config('app.lang') }}"
|
||||||
|
dir="{{ config('app.rtl') ? 'rtl' : 'ltr' }}">
|
||||||
|
<head>
|
||||||
|
<meta charset="utf-8">
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<div id="loginredirect-wrapper" style="display:none">
|
||||||
|
@include('auth.parts.login-form-' . $authMethod)
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<script nonce="{{ $cspNonce }}">
|
||||||
|
window.onload = function(){document.forms['login-form'].submit()};
|
||||||
|
</script>
|
||||||
|
</body>
|
||||||
|
</html>
|
@ -26,6 +26,7 @@ class OidcTest extends TestCase
|
|||||||
|
|
||||||
config()->set([
|
config()->set([
|
||||||
'auth.method' => 'oidc',
|
'auth.method' => 'oidc',
|
||||||
|
'auth.auto_redirect' => false,
|
||||||
'auth.defaults.guard' => 'oidc',
|
'auth.defaults.guard' => 'oidc',
|
||||||
'oidc.name' => 'SingleSignOn-Testing',
|
'oidc.name' => 'SingleSignOn-Testing',
|
||||||
'oidc.display_name_claims' => ['name'],
|
'oidc.display_name_claims' => ['name'],
|
||||||
@ -111,6 +112,19 @@ class OidcTest extends TestCase
|
|||||||
$this->assertPermissionError($resp);
|
$this->assertPermissionError($resp);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function test_automatic_redirect_on_login()
|
||||||
|
{
|
||||||
|
config()->set([
|
||||||
|
'auth.auto_redirect' => true,
|
||||||
|
'services.google.client_id' => false,
|
||||||
|
'services.github.client_id' => false,
|
||||||
|
]);
|
||||||
|
$req = $this->get('/login');
|
||||||
|
$req->assertSeeText('SingleSignOn-Testing');
|
||||||
|
$req->assertElementExists('form[action$="/oidc/login"][method=POST] button');
|
||||||
|
$req->assertElementExists('div#loginredirect-wrapper');
|
||||||
|
}
|
||||||
|
|
||||||
public function test_login()
|
public function test_login()
|
||||||
{
|
{
|
||||||
$req = $this->post('/oidc/login');
|
$req = $this->post('/oidc/login');
|
||||||
|
Loading…
Reference in New Issue
Block a user