chore: Refactor authentication pass between subdomains (#1619)

* fix: Use get request instead of cookie to transfer token between domains * Add domain to database Add redirects to team domain when present * 30s -> 1m * fix: Avoid redirect loop if subdomain and domain set * fix: Create a transfer specific token to prevent replay requests * refactor: Move isCustomDomain out of shared as it won't work on the client
2020-11-04 19:54:04 -08:00
parent 3d09c8f655
commit 1b6a986986
11 changed files with 136 additions and 32 deletions
--- a/server/api/auth.js
+++ b/server/api/auth.js
@ -6,6 +6,7 @@ import { signin } from "../../shared/utils/routeHelpers";
 import auth from "../middlewares/authentication";
 import { Team } from "../models";
 import { presentUser, presentTeam, presentPolicies } from "../presenters";
+import { isCustomDomain } from "../utils/domains";

 const router = new Router();

@ -68,11 +69,29 @@ router.post("auth.config", async (ctx) => {
    }
  }

+  if (isCustomDomain(ctx.request.hostname)) {
+    const team = await Team.findOne({
+      where: { domain: ctx.request.hostname },
+    });
+
+    if (team) {
+      ctx.body = {
+        data: {
+          name: team.name,
+          hostname: ctx.request.hostname,
+          services: filterServices(team),
+        },
+      };
+      return;
+    }
+  }
+
  // If subdomain signin page then we return minimal team details to allow
  // for a custom screen showing only relevant signin options for that team.
  if (
    process.env.SUBDOMAINS_ENABLED === "true" &&
-    isCustomSubdomain(ctx.request.hostname)
+    isCustomSubdomain(ctx.request.hostname) &&
+    !isCustomDomain(ctx.request.hostname)
  ) {
    const domain = parseDomain(ctx.request.hostname);
    const subdomain = domain ? domain.subdomain : undefined;