diff --git a/server/api/login.go b/server/api/login.go index 1a2083584..eb37154d0 100644 --- a/server/api/login.go +++ b/server/api/login.go @@ -38,12 +38,7 @@ func HandleLogin(c *gin.Context) { if err := r.FormValue("error"); err != "" { http.Redirect(w, r, "/login/error?code="+err, 303) } else { - intendedURL := r.URL.Query()["url"] - if len(intendedURL) > 0 { - http.Redirect(w, r, "/authorize?url="+intendedURL[0], 303) - } else { - http.Redirect(w, r, "/authorize", 303) - } + http.Redirect(w, r, "/authorize", 303) } } @@ -141,12 +136,7 @@ func HandleAuth(c *gin.Context) { httputil.SetCookie(c.Writer, c.Request, "user_sess", tokenString) - intendedURL := c.Request.URL.Query()["url"] - if len(intendedURL) > 0 { - c.Redirect(303, intendedURL[0]) - } else { - c.Redirect(303, "/") - } + c.Redirect(303, "/") } func GetLogout(c *gin.Context) { diff --git a/server/badges/badges.go b/server/badges/badges.go index 9364a25d8..71e8f9cfd 100644 --- a/server/badges/badges.go +++ b/server/badges/badges.go @@ -26,6 +26,9 @@ var ( // Generate an SVG badge based on a build func Generate(build *model.Build) string { + if build == nil { + return badgeNone + } switch build.Status { case model.StatusSuccess: return badgeSuccess diff --git a/web/src/compositions/useAuthentication.ts b/web/src/compositions/useAuthentication.ts index 03d055847..e66ed93c5 100644 --- a/web/src/compositions/useAuthentication.ts +++ b/web/src/compositions/useAuthentication.ts @@ -1,13 +1,17 @@ import useConfig from '~/compositions/useConfig'; +import useUserConfig from '~/compositions/useUserConfig'; export default () => ({ - isAuthenticated: useConfig().user, + isAuthenticated: !!useConfig().user, user: useConfig().user, - authenticate(origin?: string) { - const url = `/login?url=${origin || ''}`; - window.location.href = url; + authenticate(url?: string) { + if (url) { + const config = useUserConfig(); + config.setUserConfig('redirectUrl', url); + } + window.location.href = '/login'; }, } as const); diff --git a/web/src/compositions/useUserConfig.ts b/web/src/compositions/useUserConfig.ts index 213b78830..69b07628e 100644 --- a/web/src/compositions/useUserConfig.ts +++ b/web/src/compositions/useUserConfig.ts @@ -4,10 +4,12 @@ const USER_CONFIG_KEY = 'woodpecker-user-config'; type UserConfig = { isBuildFeedOpen: boolean; + redirectUrl: string; }; const defaultUserConfig: UserConfig = { isBuildFeedOpen: false, + redirectUrl: '', }; function loadUserConfig(): UserConfig { diff --git a/web/src/router.ts b/web/src/router.ts index 6ce9e2c24..b6fa6cab9 100644 --- a/web/src/router.ts +++ b/web/src/router.ts @@ -1,7 +1,8 @@ import { Component } from 'vue'; import { createRouter, createWebHistory, RouteRecordRaw } from 'vue-router'; -import useAuthentication from './compositions/useAuthentication'; +import useAuthentication from '~/compositions/useAuthentication'; +import useUserConfig from '~/compositions/useUserConfig'; const routes: RouteRecordRaw[] = [ { @@ -26,7 +27,6 @@ const routes: RouteRecordRaw[] = [ name: 'repos-owner', component: (): Component => import('~/views/ReposOwner.vue'), props: true, - meta: { authentication: 'required' }, }, { path: '/:repoOwner/:repoName', @@ -133,6 +133,13 @@ const router = createRouter({ }); router.beforeEach(async (to, _, next) => { + const config = useUserConfig(); + const { redirectUrl } = config.userConfig.value; + if (redirectUrl !== '') { + config.setUserConfig('redirectUrl', ''); + next(redirectUrl); + } + const authentication = useAuthentication(); if (to.meta.authentication === 'required' && !authentication.isAuthenticated) { next({ name: 'login', query: { url: to.fullPath } }); diff --git a/web/src/views/Login.vue b/web/src/views/Login.vue index a79a1a88b..3bf0ad37f 100644 --- a/web/src/views/Login.vue +++ b/web/src/views/Login.vue @@ -53,7 +53,7 @@ export default defineComponent({ const errorMessage = ref(); function doLogin() { - const url = typeof route.query.origin === 'string' ? route.query.origin : ''; + const url = typeof route.query.url === 'string' ? route.query.url : ''; authentication.authenticate(url); } diff --git a/web/src/views/repo/RepoWrapper.vue b/web/src/views/repo/RepoWrapper.vue index b4139528e..8a79ee85c 100644 --- a/web/src/views/repo/RepoWrapper.vue +++ b/web/src/views/repo/RepoWrapper.vue @@ -39,6 +39,7 @@ import FluidContainer from '~/components/layout/FluidContainer.vue'; import Tab from '~/components/tabs/Tab.vue'; import Tabs from '~/components/tabs/Tabs.vue'; import useApiClient from '~/compositions/useApiClient'; +import useAuthentication from '~/compositions/useAuthentication'; import useNotifications from '~/compositions/useNotifications'; import { RepoPermissions } from '~/lib/api/types'; import BuildStore from '~/store/builds'; @@ -72,6 +73,7 @@ export default defineComponent({ const buildStore = BuildStore(); const apiClient = useApiClient(); const notifications = useNotifications(); + const { isAuthenticated } = useAuthentication(); const route = useRoute(); const router = useRouter(); @@ -86,6 +88,11 @@ export default defineComponent({ repoPermissions.value = await apiClient.getRepoPermissions(repoOwner.value, repoName.value); if (!repoPermissions.value.pull) { notifications.notify({ type: 'error', title: 'Not allowed to access this repository' }); + // no access and not authenticated, redirect to login + if (!isAuthenticated) { + await router.replace({ name: 'login', query: { url: route.fullPath } }); + return; + } await router.replace({ name: 'home' }); return; }