Attempt to fix auth proxies by making redirects manual #1028

silverbulletmd · Sep 9, 2024 · d6fb5e0 · d6fb5e0
1 parent 409b0df
commit d6fb5e0
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 17 deletions.
diff --git a/common/spaces/http_space_primitives.ts b/common/spaces/http_space_primitives.ts
@@ -34,33 +34,46 @@ export class HttpSpacePrimitives implements SpacePrimitives {
 
     try {
       options.signal = AbortSignal.timeout(fetchTimeout);
+      options.redirect = "manual";
       const result = await fetch(url, options);
       if (result.status === 503) {
         throw new Error("Offline");
       }
+      const redirectHeader = result.headers.get("location");
+
+      // console.log("Got response", result.status, result.statusText, result.url);
+
       // Attempting to handle various authentication proxies
-      if (result.redirected) {
-        if (result.status === 401 || result.status === 403) {
+      if (result.status >= 300 && result.status < 400) {
+        if (redirectHeader) {
+          // Got a redirect
+          alert("Received a redirect, redirecting to URL: " + redirectHeader);
+          location.href = redirectHeader;
+          throw new Error("Redirected");
+        } else {
+          console.error("Got a redirect status but no location header", result);
+        }
+      }
+      // Check for unauthorized status
+      if (result.status === 401 || result.status === 403) {
+        // If it came with a redirect header, we'll redirect to that URL
+        if (redirectHeader) {
           console.log(
             "Received unauthorized status and got a redirect via the API so will redirect to URL",
             result.url,
           );
-          alert("You are not authenticated, redirecting to: " + result.url);
-          location.href = result.url;
+          alert("You are not authenticated, redirecting to: " + redirectHeader);
+          location.href = redirectHeader;
           throw new Error("Not authenticated");
         } else {
-          alert("Received a redirect, redirecting to URL: " + result.url);
-          location.href = result.url;
-          throw new Error("Redirected");
+          // If not, let's reload
+          alert(
+            "You are not authenticated, going to reload and hope that that kicks off authentication",
+          );
+          location.reload();
+          throw new Error("Not authenticated, got 401");
         }
       }
-      if (result.status === 401 || result.status === 403) {
-        alert(
-          "You are not authenticated, going to reload and hope that that kicks off authentication",
-        );
-        location.reload();
-        throw new Error("Not authenticated, got 401");
-      }
       return result;
     } catch (e: any) {
       // Errors when there is no internet connection:

diff --git a/server/http_server.ts b/server/http_server.ts
@@ -370,7 +370,7 @@ export class HttpServer {
           return c.redirect(typeof from === "string" ? from : "/");
         } else {
           console.error("Authentication failed, redirecting to auth page.");
-          return c.redirect("/.auth?error=1");
+          return c.redirect("/.auth?error=1", 401);
         }
       },
     ).all((c) => {
@@ -389,9 +389,9 @@ export class HttpServer {
       const redirectToAuth = () => {
         // Try filtering api paths
         if (req.path.startsWith("/.") || req.path.endsWith(".md")) {
-          return c.redirect("/.auth");
+          return c.redirect("/.auth", 401);
         } else {
-          return c.redirect(`/.auth?from=${req.path}`);
+          return c.redirect(`/.auth?from=${req.path}`, 401);
         }
       };
       if (!excludedPaths.includes(url.pathname)) {