Attempt to fix auth proxies by making redirects manual #1028

pull/1098/head
Zef Hemel 2024-09-09 18:36:54 +02:00
parent 28f3e454b6
commit cb88eae885
2 changed files with 30 additions and 17 deletions


@ -34,33 +34,46 @@ export class HttpSpacePrimitives implements SpacePrimitives {
try {
options.signal = AbortSignal.timeout(fetchTimeout);
options.redirect = "manual";
const result = await fetch(url, options);
if (result.status === 503) {
throw new Error("Offline");
}
const redirectHeader = result.headers.get("location");
// console.log("Got response", result.status, result.statusText, result.url);
// Attempting to handle various authentication proxies
if (result.redirected) {
if (result.status === 401 || result.status === 403) {
if (result.status >= 300 && result.status < 400) {
if (redirectHeader) {
// Got a redirect
alert("Received a redirect, redirecting to URL: " + redirectHeader);
location.href = redirectHeader;
throw new Error("Redirected");
} else {
console.error("Got a redirect status but no location header", result);
}
}
// Check for unauthorized status
if (result.status === 401 || result.status === 403) {
// If it came with a redirect header, we'll redirect to that URL
if (redirectHeader) {
console.log(
"Received unauthorized status and got a redirect via the API so will redirect to URL",
result.url,
);
alert("You are not authenticated, redirecting to: " + result.url);
location.href = result.url;
alert("You are not authenticated, redirecting to: " + redirectHeader);
location.href = redirectHeader;
throw new Error("Not authenticated");
} else {
alert("Received a redirect, redirecting to URL: " + result.url);
location.href = result.url;
throw new Error("Redirected");
// If not, let's reload
alert(
"You are not authenticated, going to reload and hope that that kicks off authentication",
);
location.reload();
throw new Error("Not authenticated, got 401");
}
}
if (result.status === 401 || result.status === 403) {
alert(
"You are not authenticated, going to reload and hope that that kicks off authentication",
);
location.reload();
throw new Error("Not authenticated, got 401");
}
return result;
} catch (e: any) {
// Errors when there is no internet connection:
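Review bot: The `location` response header is assigned to `location.href` in both the 3xx branch and the 401/403 branch with no check on where it points, so whichever proxy or intermediary produced the response decides where the browser navigates. Resolving it first and allowing only http(s) targets would bound that: `const target = new URL(redirectHeader, location.href);` followed by `if (target.protocol !== "http:" && target.protocol !== "https:") throw new Error("Refusing redirect");`. Separately, with `options.redirect = "manual"` a browser `fetch` returns an opaque-redirect response (status 0, no readable headers) for a 3xx, so the `result.status >= 300 && result.status < 400` branch is probably never entered in the browser and the opaque response falls through to `return result`. Checking `result.type === "opaqueredirect"` would cover that case. The enclosing method starts and ends outside the hunk.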


@ -370,7 +370,7 @@ export class HttpServer {
return c.redirect(typeof from === "string" ? from : "/");
} else {
console.error("Authentication failed, redirecting to auth page.");
return c.redirect("/.auth?error=1");
return c.redirect("/.auth?error=1", 401);
}
},
).all((c) => {
@ -389,9 +389,9 @@ export class HttpServer {
const redirectToAuth = () => {
// Try filtering api paths
if (req.path.startsWith("/.") || req.path.endsWith(".md")) {
return c.redirect("/.auth");
return c.redirect("/.auth", 401);
} else {
return c.redirect(`/.auth?from=${req.path}`);
return c.redirect(`/.auth?from=${req.path}`, 401);
}
};
if (!excludedPaths.includes(url.pathname)) {
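Review bot: `req.path` is interpolated unencoded into the query string as `from=${req.path}` in `redirectToAuth`, so a path containing `&`, `#` or `=` changes how the auth page parses the query; `encodeURIComponent(req.path)` keeps it a single value. The first hunk then passes `from` straight to `c.redirect(typeof from === "string" ? from : "/")`, and no same-site check is visible here. If none exists outside the hunk, the login handler should accept only values that start with a single `/` before redirecting. Also, a 401 carrying a `Location` header is not followed by browsers or standard HTTP clients, so direct navigation to a protected page would presumably no longer land on `/.auth`. A short comment at `redirectToAuth` stating that the 401 is intentional and which client consumes it would help.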