mirror of
https://github.com/yusing/godoxy.git
synced 2026-04-24 17:58:45 +02:00
add a block page to oidc on invallid credentials, fix inifinite login redirect
This commit is contained in:
@@ -1,6 +1,7 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"net/http"
|
||||
"sync"
|
||||
"sync/atomic"
|
||||
@@ -80,11 +81,13 @@ func (amw *oidcMiddleware) before(w http.ResponseWriter, r *http.Request) (proce
|
||||
}
|
||||
|
||||
if err := amw.auth.CheckToken(r); err != nil {
|
||||
amw.authMux.ServeHTTP(w, r)
|
||||
return false
|
||||
}
|
||||
if r.URL.Path == auth.OIDCLogoutPath {
|
||||
amw.auth.LogoutCallbackHandler(w, r)
|
||||
if errors.Is(err, auth.ErrMissingToken) {
|
||||
amw.authMux.ServeHTTP(w, r)
|
||||
} else if r.URL.Path == auth.OIDCLogoutPath {
|
||||
amw.auth.LogoutCallbackHandler(w, r)
|
||||
} else {
|
||||
auth.WriteBlockPage(w, http.StatusForbidden, err.Error(), auth.OIDCLogoutPath)
|
||||
}
|
||||
return false
|
||||
}
|
||||
return true
|
||||
|
||||
Reference in New Issue
Block a user