Fix return url using cookies

2024-07-04 05:50:57 +12:00 · 2022-01-13 14:07:49 +00:00 · 2022-01-13 14:07:49 +00:00 · b5250ac244
parent b2c5e4f825
commit b5250ac244
5 changed files with 65 additions and 15 deletions
--- a/packages/builder/src/builderStore/cookies.js
+++ b/packages/builder/src/builderStore/cookies.js
@ -1,16 +1,26 @@
 export const Cookies = {
  Auth: "budibase:auth",
  CurrentApp: "budibase:currentapp",
+  ReturnUrl: "budibase:returnurl",
+}
+
+export function setCookie(name, value) {
+  if (getCookie(name)) {
+    removeCookie(name)
+  }
+  window.document.cookie = `${name}=${value}; Path=/;`
 }

 export function getCookie(cookieName) {
-  return document.cookie.split(";").some(cookie => {
-    return cookie.trim().startsWith(`${cookieName}=`)
-  })
+  const value = `; ${document.cookie}`
+  const parts = value.split(`; ${cookieName}=`)
+  if (parts.length === 2) {
+    return parts[1].split(";").shift()
+  }
 }

 export function removeCookie(cookieName) {
  if (getCookie(cookieName)) {
-    document.cookie = `${cookieName}=; Max-Age=-99999999;`
+    document.cookie = `${cookieName}=; Max-Age=-99999999; Path=/;`
  }
 }
--- a/packages/builder/src/pages/builder/_layout.svelte
+++ b/packages/builder/src/pages/builder/_layout.svelte
@ -2,6 +2,12 @@
  import { isActive, redirect, params } from "@roxi/routify"
  import { admin, auth } from "stores/portal"
  import { onMount } from "svelte"
+  import {
+    Cookies,
+    getCookie,
+    removeCookie,
+    setCookie,
+  } from "builderStore/cookies"

  let loaded = false

@ -67,6 +73,25 @@

  $: {
    const apiReady = $admin.loaded && $auth.loaded
+
+    // firstly, set the return url
+    if (
+      loaded &&
+      apiReady &&
+      !$auth.user &&
+      !getCookie(Cookies.ReturnUrl) &&
+      // logout triggers a page refresh, so we don't want to set the return url
+      !$auth.postLogout &&
+      // don't set the return url on pre-login pages
+      !$isActive("./auth") &&
+      !$isActive("./invite") &&
+      !$isActive("./admin")
+    ) {
+      const url = window.location.pathname
+      console.log("setting return url:" + url)
+      setCookie(Cookies.ReturnUrl, url)
+    }
+
    // if tenant is not set go to it
    if (
      loaded &&
@ -90,13 +115,21 @@
      !$isActive("./invite") &&
      !$isActive("./admin")
    ) {
-      const returnUrl = encodeURIComponent(window.location.pathname)
-      $redirect("./auth?", { returnUrl })
+      $redirect("./auth")
    }
    // check if password reset required for user
    else if ($auth.user?.forceResetPassword) {
      $redirect("./auth/reset")
    }
+    // lastly, redirect to the return url if it has been set
+    else if (loaded && apiReady && $auth.user) {
+      const returnUrl = getCookie(Cookies.ReturnUrl)
+      if (returnUrl) {
+        removeCookie(Cookies.ReturnUrl)
+        console.log("redirecting to return url:" + returnUrl)
+        window.location.href = returnUrl
+      }
+    }
  }
 </script>

--- a/packages/builder/src/pages/builder/auth/login.svelte
+++ b/packages/builder/src/pages/builder/auth/login.svelte
@ -10,7 +10,7 @@
    notifications,
    Link,
  } from "@budibase/bbui"
-  import { goto, params } from "@roxi/routify"
+  import { goto } from "@roxi/routify"
  import { auth, organisation, oidc, admin } from "stores/portal"
  import GoogleButton from "./_components/GoogleButton.svelte"
  import OIDCButton from "./_components/OIDCButton.svelte"
@ -35,12 +35,8 @@
      if ($auth?.user?.forceResetPassword) {
        $goto("./reset")
      } else {
-        if ($params["?returnUrl"]) {
-          window.location = decodeURIComponent($params["?returnUrl"])
-        } else {
-          notifications.success("Logged in successfully")
-          $goto("../portal")
-        }
+        notifications.success("Logged in successfully")
+        $goto("../portal")
      }
    } catch (err) {
      console.error(err)
--- a/packages/builder/src/stores/portal/auth.js
+++ b/packages/builder/src/stores/portal/auth.js
@ -9,6 +9,7 @@ export function createAuthStore() {
    tenantId: "default",
    tenantSet: false,
    loaded: false,
+    postLogout: false,
  })
  const store = derived(auth, $store => {
    let initials = null
@ -34,6 +35,7 @@ export function createAuthStore() {
      tenantId: $store.tenantId,
      tenantSet: $store.tenantSet,
      loaded: $store.loaded,
+      postLogout: $store.postLogout,
      initials,
      isAdmin,
      isBuilder,
@ -89,6 +91,13 @@ export function createAuthStore() {
    return info
  }

+  async function setPostLogout() {
+    auth.update(store => {
+      store.postLogout = true
+      return store
+    })
+  }
+
  async function getInitInfo() {
    const response = await api.get(`/api/global/auth/init`)
    const json = response.json()
@ -145,6 +154,7 @@ export function createAuthStore() {
      await response.json()
      await setInitInfo({})
      setUser(null)
+      setPostLogout()
    },
    updateSelf: async fields => {
      const newUser = { ...get(auth).user, ...fields }
--- a/packages/client/src/components/ClientApp.svelte
+++ b/packages/client/src/components/ClientApp.svelte
@ -63,8 +63,9 @@
      } else {
        // The user is not logged in, redirect them to login
        const returnUrl = `${window.location.pathname}${window.location.hash}`
-        const encodedUrl = encodeURIComponent(returnUrl)
-        window.location = `/builder/auth/login?returnUrl=${encodedUrl}`
+        // TODO: reuse `Cookies` from builder when frontend-core is added
+        window.document.cookie = `budibase:returnurl=${returnUrl}; Path=/`
+        window.location = `/builder/auth/login`
      }
    }
  }