Backport #25947 by @wolfogre Since OAuth2 will callback the root URL, if the user starts signing in from a wrong host, Gitea will return 500 because it cannot find the session. <details> <summary>How to reproduce</summary> <img width="901" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/2c2e255c-e13e-4a11-9be7-b226bee54920"> <img width="1014" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/b31cfcf6-a320-483d-9ce5-ba8562f065e1"> </details> So show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is enabled. <img width="1015" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/99e80b17-c790-49a3-bbf2-2bd9396a7daa"> Co-authored-by: Jason Song <i@wolfogre.com>
parent
227c3b67e0
commit
037a3f0d8c
3 changed files with 4 additions and 2 deletions
|
@ -10,7 +10,6 @@ export function initAdminCommon() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// check whether appUrl(ROOT_URL) is correct, if not, show an error message
|
// check whether appUrl(ROOT_URL) is correct, if not, show an error message
|
||||||
// only admin pages need this check because most templates are using relative URLs now
|
|
||||||
checkAppUrl();
|
checkAppUrl();
|
||||||
|
|
||||||
// New user
|
// New user
|
||||||
|
|
|
@ -373,5 +373,5 @@ export function checkAppUrl() {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
showGlobalErrorMessage(`Your ROOT_URL in app.ini is "${appUrl}", it's unlikely matching the site you are visiting.
|
showGlobalErrorMessage(`Your ROOT_URL in app.ini is "${appUrl}", it's unlikely matching the site you are visiting.
|
||||||
Mismatched ROOT_URL config causes wrong URL links for web UI/mail content/webhook notification.`);
|
Mismatched ROOT_URL config causes wrong URL links for web UI/mail content/webhook notification/OAuth2 sign-in.`);
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,13 @@
|
||||||
import $ from 'jquery';
|
import $ from 'jquery';
|
||||||
|
import {checkAppUrl} from './common-global.js';
|
||||||
|
|
||||||
export function initUserAuthOauth2() {
|
export function initUserAuthOauth2() {
|
||||||
const outer = document.getElementById('oauth2-login-navigator');
|
const outer = document.getElementById('oauth2-login-navigator');
|
||||||
if (!outer) return;
|
if (!outer) return;
|
||||||
const inner = document.getElementById('oauth2-login-navigator-inner');
|
const inner = document.getElementById('oauth2-login-navigator-inner');
|
||||||
|
|
||||||
|
checkAppUrl();
|
||||||
|
|
||||||
for (const link of outer.querySelectorAll('.oauth-login-link')) {
|
for (const link of outer.querySelectorAll('.oauth-login-link')) {
|
||||||
link.addEventListener('click', () => {
|
link.addEventListener('click', () => {
|
||||||
inner.classList.add('gt-invisible');
|
inner.classList.add('gt-invisible');
|
||||||
|
|
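Review bot: The added `checkAppUrl()` call in `initUserAuthOauth2` has no comment saying why a sign-in page runs a configuration check, and the same commit drops the admin-side comment that said only admin pages need it. I would add above the call: `// OAuth2 providers call back to ROOT_URL, so a sign-in started from another host cannot find its session; warn before the flow starts`. The warning is advisory only: the click handlers registered right after it still start the flow from the mismatched host, so the callback presumably still has to handle a missing session without returning 500 (that code is not visible here). The message text also names app.ini and prints the configured ROOT_URL to unauthenticated visitors, which is worth confirming as intended for a public sign-in page. The body of `initUserAuthOauth2` continues past the end of this hunk.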