diff --git a/controllers/login.js b/controllers/login.js index 281cf2d2fa..f2a0d82065 100644 --- a/controllers/login.js +++ b/controllers/login.js @@ -492,12 +492,19 @@ router.get('/logout/external/', (req, res, next) => { api(req, { version: 'v3' }) .post('/logout/external') // async, ignore result - .catch((err) => { - logger.error('error during logout.', formatError(err)); - }) .then(() => { res.statusCode = 307; res.redirect(redirectUri); + }) + .catch((err) => { + logger.error('error during external logout.', formatError(err)); + req.session.notification = { + type: 'danger', + message: res.$t('logout.text.externalLogoutFailed', { systemName: res.locals.systemName ?? '' }), + statusCode: 500, + timeToWait: Configuration.get('LOGIN_BLOCK_TIME'), + }; + res.redirect(req.header('referrer') ?? '/dashboard'); }); }); diff --git a/helpers/authentication.js b/helpers/authentication.js index 83d799c49c..a9dd29539b 100644 --- a/helpers/authentication.js +++ b/helpers/authentication.js @@ -102,13 +102,14 @@ const isAuthenticated = (req) => { const populateCurrentUser = async (req, res) => { async function setExternalSystemFromJwt(decodedJwt) { - if (!("systemId" in decodedJwt) && !decodedJwt.systemId) { + if (!('systemId' in decodedJwt) && !decodedJwt.systemId) { return; } try { const response = await api(req, { version: 'v3' }).get(`/systems/public/${decodedJwt.systemId}`); - res.locals.externalSystem = response.alias; + res.locals.showExternalLogout = response.alias === 'SANIS'; + res.locals.systemName = response.displayName; } catch (err) { const metadata = { error: err.toString() }; logger.error('Unable to find out the external login system used by user', metadata); @@ -121,7 +122,6 @@ const populateCurrentUser = async (req, res) => { // eslint-disable-next-line prefer-destructuring payload = (jwt.decode(req.cookies.jwt, { complete: true }) || {}).payload; res.locals.currentPayload = payload; - await setExternalSystemFromJwt(payload); } catch (err) { logger.error('Broken JWT / JWT decoding failed', formatError(err)); return clearCookie(req, res, { destroySession: true }) @@ -144,6 +144,8 @@ const populateCurrentUser = async (req, res) => { } if (payload && payload.userId) { + await setExternalSystemFromJwt(payload); + if (res.locals.currentUser && res.locals.currentSchoolData) { return Promise.resolve(res.locals.currentSchoolData); } diff --git a/locales/de.json b/locales/de.json index 1730add363..cb28184200 100644 --- a/locales/de.json +++ b/locales/de.json @@ -2439,9 +2439,7 @@ }, "tab_label": { "settings": "Einstellungen", - "signOut": "Logout", - "sanisSignOut": "Logout Bildungscloud", - "sanisExternalSignOut": "Logout Bildungscloud & moin.schule" + "signOut": "Logout" }, "text": { "allActionsThatCreate": "Sämtliche Aktionen, die Daten anlegen oder ändern, sind deaktiviert und nicht sichtbar.", @@ -2602,6 +2600,11 @@ "userAccountDeactivated": "Ihr Konto wurde deaktiviert. Bitte wenden Sie sich an Ihren Schuladministrator." } }, + "logout": { + "text": { + "externalLogoutFailed": "Die Abmeldung vom System {{systemName}} ist fehlgeschlagen. Bitte versuchen Sie es erneut oder kontaktieren Sie den Support." + } + }, "messenger": { "button": { "activate": "Aktivieren", diff --git a/locales/en.json b/locales/en.json index 204a59cb1f..bd2f2d1a49 100644 --- a/locales/en.json +++ b/locales/en.json @@ -2439,9 +2439,7 @@ }, "tab_label": { "settings": "Settings", - "signOut": "Sign out", - "sanisSignOut": "Logout Bildungscloud", - "sanisExternalSignOut": "Logout Bildungscloud & moin.schule" + "signOut": "Sign out" }, "text": { "allActionsThatCreate": "All actions that create or change data are deactivated and not visible.", @@ -2602,6 +2600,11 @@ "userAccountDeactivated": "Your account has been deactivated. Please contact your school administrator." } }, + "logout": { + "text": { + "externalLogoutFailed": "Logout from {{systemName}} had failed. Please try again or contact support." + } + }, "messenger": { "button": { "activate": "Activate", diff --git a/locales/es.json b/locales/es.json index 29a4e78a96..17500ad087 100644 --- a/locales/es.json +++ b/locales/es.json @@ -2439,9 +2439,7 @@ }, "tab_label": { "settings": "Configuración", - "signOut": "Cerrar sesión", - "sanisSignOut": "Cerrar sesión Bildungscloud", - "sanisExternalSignOut": "Cerrar sesión Bildungscloud & moin.schule" + "signOut": "Cerrar sesión" }, "text": { "allActionsThatCreate": "Todas las acciones que crean o modifican datos están desactivadas y no son visibles.", @@ -2602,6 +2600,11 @@ "userAccountDeactivated": "Su cuenta ha sido desactivada. Comuníquese con el administrador de su escuela." } }, + "logout": { + "text": { + "externalLogoutFailed": "El cierre de sesión del sistema {{systemName}} ha fallado. Inténtalo de nuevo o ponte en contacto con el servicio de asistencia." + } + }, "messenger": { "button": { "activate": "Activar", diff --git a/locales/uk.json b/locales/uk.json index d90a4e3f36..96f7540815 100644 --- a/locales/uk.json +++ b/locales/uk.json @@ -1869,6 +1869,11 @@ "loginForRegisteredUsers": "Вхід в систему для зареєстрованих користувачів" } }, + "logout": { + "text": { + "externalLogoutFailed": "Не вдалося вийти з системи {{SystemName}}. Спробуйте ще раз або зверніться до служби підтримки." + } + }, "teams": { "_team": { "edit": { @@ -2607,9 +2612,7 @@ "loggedin": { "tab_label": { "settings": "Налаштування", - "signOut": "Вийти з системи", - "sanisSignOut": "Вийти з системи Bildungscloud", - "sanisExternalSignOut": "Вийти з системи Bildungscloud & moin.schule" + "signOut": "Вийти з системи" }, "text": { "allActionsThatCreate": "Усі дії, які створюють або змінюють дані, деактивовані та не показуються.", diff --git a/views/lib/topbar.hbs b/views/lib/topbar.hbs index 647e85d99b..ecc08a040b 100644 --- a/views/lib/topbar.hbs +++ b/views/lib/topbar.hbs @@ -59,21 +59,22 @@