display flash errors for external auths like saml or oidc on the logi…

…n screen Ylianst#6154 Signed-off-by: si458 <simonsmith5521@gmail.com>
wdlut · Jun 11, 2024 · d7341ab · d7341ab
1 parent 74d6252
commit d7341ab
Show file tree

Hide file tree

Showing 5 changed files with 62 additions and 1 deletion.
diff --git a/common.js b/common.js
@@ -404,4 +404,19 @@ module.exports.convertStrArray = function (object, split) {
     } else {
         return []
     }
+}
+
+module.exports.uniqueArray = function (a) {
+    var seen = {};
+    var out = [];
+    var len = a.length;
+    var j = 0;
+    for(var i = 0; i < len; i++) {
+         var item = a[i];
+         if(seen[item] !== 1) {
+               seen[item] = 1;
+               out[j++] = item;
+         }
+    }
+    return out;
 }
diff --git a/views/login-mobile.handlebars b/views/login-mobile.handlebars
@@ -356,6 +356,19 @@
             }
         }
 
+        // Display flash error Messages
+        var flashErrors = JSON.parse('{{{flashErrors}}}');
+        if (flashErrors && (flashErrors.length > 0)) {
+            var msg = '';
+            for (i = 0; i < flashErrors.length; i++) {
+                if (flashErrors[i]) {
+                    msg += '<span class="msg error"><b style=color:#8C001A>' + flashErrors[i] + '<b></span><br /><br />';
+                }
+            }
+            QH('message1', msg);
+            QV('message1', true);
+        }
+
         // If URL arguments are provided, add them to form posts
         if (window.location.href.indexOf('?') > 0) {
             var urlargs = window.location.href.substring(window.location.href.indexOf('?'));

diff --git a/views/login.handlebars b/views/login.handlebars
@@ -361,6 +361,19 @@
                 }
             }
 
+            // Display flash error Messages
+            var flashErrors = JSON.parse('{{{flashErrors}}}');
+            if (flashErrors && (flashErrors.length > 0)) {
+                var msg = '';
+                for (i = 0; i < flashErrors.length; i++) {
+                    if (flashErrors[i]) {
+                        msg += '<span class="msg error"><b style=color:#8C001A>' + flashErrors[i] + '<b></span><br /><br />';
+                    }
+                }
+                QH('message1', msg);
+                QV('message1', true);
+            }
+
             // Fix links if a loginKey if used
             var urlargs = parseUriArgs();
             if (urlargs.key) {

diff --git a/views/login2.handlebars b/views/login2.handlebars
@@ -437,6 +437,19 @@
                 }
             }
 
+            // Display flash error Messages
+            var flashErrors = JSON.parse('{{{flashErrors}}}');
+            if (flashErrors && (flashErrors.length > 0)) {
+                var msg = '';
+                for (i = 0; i < flashErrors.length; i++) {
+                    if (flashErrors[i]) {
+                        msg += '<span class="msg error"><b style=color:#8C001A>' + flashErrors[i] + '<b></span><br /><br />';
+                    }
+                }
+                QH('message1', msg);
+                QV('message1', true);
+            }
+
             // Fix links if a loginKey if used
             var urlargs = parseUriArgs();
             //if (urlargs.key) { Q('termsLinkFooter').href += '?key=' + urlargs.key; }

diff --git a/webserver.js b/webserver.js
@@ -3359,6 +3359,12 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
             newAccountCaptchaImage = 'newAccountCaptcha.ashx?x=' + newAccountCaptcha;
         }
 
+        // Check for flash errors from passport.js and make the array unique
+        var flashErrors = [];
+        if (req.session.flash && req.session.flash.error) {
+            flashErrors = obj.common.uniqueArray(req.session.flash.error);
+        }
+
         // Render the login page
         render(req, res,
             getRenderPage((domain.sitestyle == 2) ? 'login2' : 'login', req, domain),
@@ -3380,6 +3386,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
                 footer: (domain.loginfooter == null) ? '' : domain.loginfooter,
                 hkey: encodeURIComponent(hardwareKeyChallenge).replace(/'/g, '%27'),
                 messageid: msgid,
+                flashErrors: JSON.stringify(flashErrors),
                 passhint: passhint,
                 welcometext: domain.welcometext ? encodeURIComponent(domain.welcometext).split('\'').join('\\\'') : null,
                 welcomePictureFullScreen: ((typeof domain.welcomepicturefullscreen == 'boolean') ? domain.welcomepicturefullscreen : false),
@@ -6766,7 +6773,6 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
                     if ((domain.authstrategies.authStrategyFlags & domainAuthStrategyConsts.oidc) != 0) {
                         let authURL = url + 'auth-oidc'
                         parent.authLog('setupHTTPHandlers', `OIDC: Authorization URL: ${authURL}`);
-                        obj.app.use(require('connect-flash')());
                         obj.app.get(authURL, function (req, res, next) {
                             var domain = getDomain(req);
                             if (domain.passport == null) { next(); return; }
@@ -7180,6 +7186,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
         passport.serializeUser(function (user, done) { done(null, user.sid); });
         passport.deserializeUser(function (sid, done) { done(null, { sid: sid }); });
         obj.app.use(passport.initialize());
+        obj.app.use(require('connect-flash')());
 
         // Twitter
         if ((typeof domain.authstrategies.twitter == 'object') && (typeof domain.authstrategies.twitter.clientid == 'string') && (typeof domain.authstrategies.twitter.clientsecret == 'string')) {