pkg/server: fix /demologin to properly redirect to home page

With the introduction of the server controller, we introduced a layer between the HTTP handler and the HTTP server. When this was introduced, the logic to attempt a login to all tenants forgot to handle the case for `/demologin` where the status code is set to a 307 redirect, instead of a 200 status OK. This broke the redirect piece of the `/demologin` endpoint. This patch updates the `attemptLoginToAllTenants` HTTP handler to properly set the 307 response code in the case where the underlying login function does so on the sessionWriter. Release note: none
cockroachdb · Mar 16, 2023 · 4a30189 · 4a30189
1 parent 721dcb2
commit 4a30189
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 2 deletions.
diff --git a/pkg/server/authentication.go b/pkg/server/authentication.go
@@ -240,7 +240,7 @@ func (s *authenticationServer) demoLogin(w http.ResponseWriter, req *http.Reques
 
 	w.Header()["Set-Cookie"] = []string{cookie.String()}
 	w.Header()["Location"] = []string{"/"}
-	w.WriteHeader(302)
+	w.WriteHeader(http.StatusTemporaryRedirect)
 	_, _ = w.Write([]byte("you can use the UI now"))
 }
 

diff --git a/pkg/server/server_controller_http.go b/pkg/server/server_controller_http.go
@@ -153,6 +153,8 @@ func (c *serverController) attemptLoginToAllTenants() http.Handler {
 		}
 		defer r.Body.Close()
 
+		redirect := false
+		redirectLocation := "/" // default to home page
 		for _, name := range tenantNames {
 			server, err := c.getServer(ctx, name)
 			if err != nil {
@@ -185,6 +187,16 @@ func (c *serverController) attemptLoginToAllTenants() http.Handler {
 					name:      string(name),
 					setCookie: setCookieHeader,
 				})
+				// In the case of /demologin, we want to redirect to the provided location
+				// in the header. If we get back a cookie along with an
+				// http.StatusTemporaryRedirect code, be sure to transfer the response code
+				// along with the Location into the ResponseWriter later.
+				if sw.code == http.StatusTemporaryRedirect {
+					redirect = true
+					if locationHeader, ok := sw.Header()["Location"]; ok && len(locationHeader) > 0 {
+						redirectLocation = locationHeader[0]
+					}
+				}
 			}
 		}
 		// If the map has entries, the method to create the aggregated session should
@@ -217,7 +229,11 @@ func (c *serverController) attemptLoginToAllTenants() http.Handler {
 					return
 				}
 			}
-			w.WriteHeader(http.StatusOK)
+			if redirect {
+				http.Redirect(w, r, redirectLocation, http.StatusTemporaryRedirect)
+			} else {
+				w.WriteHeader(http.StatusOK)
+			}
 		} else {
 			w.WriteHeader(http.StatusUnauthorized)
 		}