Mirrors/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-10-31 10:13:32 -04:00
Code Issues Packages Projects Releases Wiki Activity

Infinite redirect fix again (#3419)

Browse Source 
* override the check method to not care about the id token if we have a valid mealie token

* prevent auto log in with auth check is already good

* fix check

* simplify check logic
This commit is contained in:
Carter
2024-04-04 16:23:33 -05:00
committed by GitHub
parent 1099e30a1d
commit eb1d569e95
2 changed files with 21 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
frontend/pages/login.vue
View File

@@ -191,7 +191,7 @@ export default defineComponent({
const oidcProviderName = computed(() => appInfo.value?.oidcProviderName || "OAuth") const oidcProviderName = computed(() => appInfo.value?.oidcProviderName || "OAuth")
whenever( whenever(
() => allowOidc.value && oidcRedirect.value && !isCallback() && !isDirectLogin(), () => allowOidc.value && oidcRedirect.value && !isCallback() && !isDirectLogin() && !$auth.check().valid,
() => oidcAuthenticate(), () => oidcAuthenticate(),
{immediate: true} {immediate: true}
) )

23
frontend/schemes/DynamicOpenIDConnectScheme.js
View File

@@ -21,6 +21,22 @@ export default class DynamicOpenIDConnectScheme extends OpenIDConnectScheme {
return await super.mounted() return await super.mounted()
} }
// Overrides the check method in the OpenIDConnectScheme
// We don't care if the id token is expired as long as we have a valid Mealie token.
// We only use the id token to verify identity on the initial login, then issue a Mealie token
check(checkStatus = false) {
const response = super.check(checkStatus)
// we can do this because id token is the last thing to be checked so if the id token is expired then it was
// the only thing making the request not valid
if (response.idTokenExpired && !response.valid) {
response.valid = true;
response.idTokenExpired = false;
}
// eslint-disable-next-line @typescript-eslint/no-unsafe-return
return response;
}
async fetchUser() { async fetchUser() {
if (!this.check().valid) { if (!this.check().valid) {
return return
@@ -36,7 +52,7 @@ export default class DynamicOpenIDConnectScheme extends OpenIDConnectScheme {
async _handleCallback() { async _handleCallback() {
// sometimes the mealie token is being sent in the request to the IdP on callback which // sometimes the mealie token is being sent in the request to the IdP on callback which
// causes an error, so we clear it if we have one // causes an error, so we clear it if we have one
if (this.token.get()) { if (!this.token.status().valid()) {
this.token.reset(); this.token.reset();
} }
const redirect = await super._handleCallback() const redirect = await super._handleCallback()
@@ -47,10 +63,11 @@ export default class DynamicOpenIDConnectScheme extends OpenIDConnectScheme {
} }
async updateAccessToken() { async updateAccessToken() {
if (!this.idToken.sync()) { if (this.isValidMealieToken()) {
return return
} }
if (this.isValidMealieToken()) { if (!this.idToken.status().valid()) {
this.idToken.reset();
return return
} }