search

burakkavak / nginx-auth-server

lightweight authentication server designed to be used with the nginx 'http_auth_request' module / subrequest based authentication using the 'auth_request' directive
MIT License
9 stars 5 forks source link

callback url handling #2

Closed umask closed 1 year ago

umask commented 1 year ago

A little patch to handle call back URL to return to original resource after authorization.

index 9ed14f3..462e03a 100644
--- a/src/main.go
+++ b/src/main.go
@@ -212,7 +212,8 @@ func login(c *gin.Context) {
        if err == nil {
                if _, err = VerifyCookie(token); err == nil {
                        // user already authorized
-                       c.Status(200)
+                       //c.Status(200)
+                       c.Redirect(302, c.Query("callback"))
                        return
                }
        }

nginx.conf error_page for protected resource:

error_page 401 = https://sso.example.net/login?callback=$scheme://$host$request_uri;
burakkavak commented 1 year ago

thank you for your contribution! seems like a logical addition, the way it is now one would see a blank screen if already authenticated and somehow ended up at /login.

I commited the change to the develop branch for now: 8cf544125cfb5206a5e4fc8ba219499f92675ce7

I am preparing an update to Go 1.20 and I have some other fixes, I will push a release soon...

burakkavak commented 1 year ago

I just pushed a release that includes this and other changes, I'm going to close this issue now...

https://github.com/burakkavak/nginx-auth-server/releases/tag/0.0.9