nathanwoodburn/hns-login
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Force https on redirects
All checks were successful
Build Docker / Build Docker (push) Successful in 36s
Details

Browse Source
This commit is contained in:
Nathan Woodburn 2024-06-20 20:48:04 +10:00
parent ef27dc3f2a
commit 6f06ce1600
Signed by: nathanwoodburn
GPG Key ID: 203B000478AD0EF1
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
website/routes.py
View File

@ -45,6 +45,12 @@ def current_user():
return User.query.get(uid) return User.query.get(uid)
return None return None
def urlParse(url):
if url.startswith("https://"):
return url
if 'localhost' in url or '127.0.0.1' in url:
return url
return url.replace('http://','https://')
def split_by_crlf(s): def split_by_crlf(s):
return [v for v in s.splitlines() if v] return [v for v in s.splitlines() if v]
@ -444,7 +450,7 @@ def authorize():
user = current_user() user = current_user()
# if user log status is not true (Auth server), then to log it in # if user log status is not true (Auth server), then to log it in
if not user: if not user:
return redirect(url_for("home.home", next=request.url)) return redirect(url_for("home.home", next=urlParse(request.url))) # Force HTTPS
if request.method == "GET": if request.method == "GET":
try: try:
grant = authorization.get_consent_grant(end_user=user) grant = authorization.get_consent_grant(end_user=user)
@ -469,7 +475,7 @@ def authorize():
def plainAuth(): def plainAuth():
user:User = current_user() user:User = current_user()
if not user: if not user:
return redirect(url_for("home.home", next=request.url)) return redirect(url_for("home.home", next=urlParse(request.url)))
# Check for return URL # Check for return URL
return_url = request.args.get("return") return_url = request.args.get("return")