fix: Force https on redirects
All checks were successful
Build Docker / Build Docker (push) Successful in 36s
All checks were successful
Build Docker / Build Docker (push) Successful in 36s
This commit is contained in:
parent
ef27dc3f2a
commit
6f06ce1600
@ -45,6 +45,12 @@ def current_user():
|
|||||||
return User.query.get(uid)
|
return User.query.get(uid)
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
def urlParse(url):
|
||||||
|
if url.startswith("https://"):
|
||||||
|
return url
|
||||||
|
if 'localhost' in url or '127.0.0.1' in url:
|
||||||
|
return url
|
||||||
|
return url.replace('http://','https://')
|
||||||
|
|
||||||
def split_by_crlf(s):
|
def split_by_crlf(s):
|
||||||
return [v for v in s.splitlines() if v]
|
return [v for v in s.splitlines() if v]
|
||||||
@ -444,7 +450,7 @@ def authorize():
|
|||||||
user = current_user()
|
user = current_user()
|
||||||
# if user log status is not true (Auth server), then to log it in
|
# if user log status is not true (Auth server), then to log it in
|
||||||
if not user:
|
if not user:
|
||||||
return redirect(url_for("home.home", next=request.url))
|
return redirect(url_for("home.home", next=urlParse(request.url))) # Force HTTPS
|
||||||
if request.method == "GET":
|
if request.method == "GET":
|
||||||
try:
|
try:
|
||||||
grant = authorization.get_consent_grant(end_user=user)
|
grant = authorization.get_consent_grant(end_user=user)
|
||||||
@ -469,7 +475,7 @@ def authorize():
|
|||||||
def plainAuth():
|
def plainAuth():
|
||||||
user:User = current_user()
|
user:User = current_user()
|
||||||
if not user:
|
if not user:
|
||||||
return redirect(url_for("home.home", next=request.url))
|
return redirect(url_for("home.home", next=urlParse(request.url)))
|
||||||
|
|
||||||
# Check for return URL
|
# Check for return URL
|
||||||
return_url = request.args.get("return")
|
return_url = request.args.get("return")
|
||||||
|
Loading…
Reference in New Issue
Block a user