diff --git a/cmd/root.go b/cmd/root.go
index 3ae7292..171e043 100644
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -95,7 +95,6 @@ func init() {
{"generic-user-url", "", "Generic OAuth user info URL."},
{"generic-name", "Generic", "Generic OAuth provider name."},
{"generic-skip-ssl", false, "Skip SSL verification for the generic OAuth provider."},
- {"disable-continue", false, "Disable continue screen and redirect to app directly."},
{"oauth-whitelist", "", "Comma separated list of email addresses to whitelist when using OAuth."},
{"oauth-auto-redirect", "none", "Auto redirect to the specified OAuth provider if configured. (available providers: github, google, generic)"},
{"session-expiry", 86400, "Session (cookie) expiration time in seconds."},
diff --git a/frontend/src/components/domain-warning/domain-warning.tsx b/frontend/src/components/domain-warning/domain-warning.tsx
new file mode 100644
index 0000000..10c836e
--- /dev/null
+++ b/frontend/src/components/domain-warning/domain-warning.tsx
@@ -0,0 +1,36 @@
+import {
+ Card,
+ CardDescription,
+ CardFooter,
+ CardHeader,
+ CardTitle,
+} from "../ui/card";
+import { Button } from "../ui/button";
+
+interface Props {
+ onClick: () => void;
+ appUrl: string;
+ currentUrl: string;
+}
+
+export const DomainWarning = (props: Props) => {
+ const { onClick, appUrl, currentUrl } = props;
+
+ return (
+
+
+ Incorrect Domain
+
+ This instance is configured to be accessed from {appUrl},
+ but {currentUrl} is being used. Authentication will most
+ likely fail if you proceed.
+
+
+
+
+
+
+ );
+};
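Review bot: The heading "Incorrect Domain" and the explanatory sentence in `DomainWarning` are hard-coded English, while the rest of the frontend resolves its text through `react-i18next` and the locale JSON files touched by this same commit. Because this is a security-relevant warning, users of other locales should be able to read it: add keys to the locale files and render them through `useTranslation`, for example `t("domainWarningTitle")` (the key name is only a suggestion), passing `appUrl` and `currentUrl` as interpolation values. A short comment above `Props` saying that `onClick` is the "proceed anyway" handler would also help, since the markup that binds it is not visible on this page.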
diff --git a/frontend/src/components/layout/layout.tsx b/frontend/src/components/layout/layout.tsx
index 773185b..e14e015 100644
--- a/frontend/src/components/layout/layout.tsx
+++ b/frontend/src/components/layout/layout.tsx
@@ -1,9 +1,13 @@
import { useAppContext } from "@/context/app-context";
import { LanguageSelector } from "../language/language";
import { Outlet } from "react-router";
+import { useState } from "react";
+import { DomainWarning } from "../domain-warning/domain-warning";
export const Layout = () => {
- const { backgroundImage } = useAppContext();
+ const { backgroundImage, appUrl } = useAppContext();
+ const [ignoreDomainWarning, setIgnoreDomainWarning] = useState(false);
+ const currentUrl = window.location.origin;
return (
{
}}
>
-
+ {appUrl !== currentUrl && !ignoreDomainWarning ? (
+ setIgnoreDomainWarning(true)}
+ appUrl={appUrl}
+ currentUrl={currentUrl}
+ />
+ ) : (
+
+ )}
);
};
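Review bot: `appUrl !== currentUrl` compares the configured string verbatim with `window.location.origin`, which never carries a trailing slash or path and always has a lower-cased host. If `appUrl` can reach the frontend in any other shape (whether the backend normalises it is not visible here), the warning appears on every page load and users learn to click through it. Comparing origins avoids that: `const domainMismatch = new URL(appUrl).origin !== currentUrl;`, with a guard for an `appUrl` that does not parse. The check is advisory only, since it runs client-side and is dismissed by `setIgnoreDomainWarning(true)`, so a one-line comment saying the server remains the enforcement point would prevent it being mistaken for a control.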
diff --git a/frontend/src/components/ui/button.tsx b/frontend/src/components/ui/button.tsx
index fbb5b27..4badcc1 100644
--- a/frontend/src/components/ui/button.tsx
+++ b/frontend/src/components/ui/button.tsx
@@ -22,7 +22,7 @@ const buttonVariants = cva(
"hover:bg-accent hover:text-accent-foreground dark:hover:bg-accent/50",
link: "text-primary underline-offset-4 hover:underline",
warning:
- "bg-amber-500 text-white shadow-xs hover:bg-amber-400 focus-visible:ring-amber-200/20 dark:focus-visible:ring-amber-400/40 dark:bg-amber-600",
+ "bg-amber-500 text-white shadow-xs hover:bg-amber-400 focus-visible:ring-amber-200/20 dark:focus-visible:ring-amber-400/40",
},
size: {
default: "h-9 px-4 py-2 has-[>svg]:px-3",
diff --git a/frontend/src/lib/i18n/locales/en-US.json b/frontend/src/lib/i18n/locales/en-US.json
index 74e422f..a90d581 100644
--- a/frontend/src/lib/i18n/locales/en-US.json
+++ b/frontend/src/lib/i18n/locales/en-US.json
@@ -20,8 +20,7 @@
"continueInvalidRedirectSubtitle": "The redirect URL is invalid",
"continueInsecureRedirectTitle": "Insecure redirect",
"continueInsecureRedirectSubtitle": "You are trying to redirect from https to http which is not secure. Are you sure you want to continue?",
- "continueTitle": "Continue",
- "continueSubtitle": "Click the button to continue to your app.",
+ "continueRedirectManually": "Redirect me manually",
"logoutFailTitle": "Failed to log out",
"logoutFailSubtitle": "Please try again",
"logoutSuccessTitle": "Logged out",
@@ -45,7 +44,7 @@
"unauthorizedIpSubtitle": "Your IP address {{ip}} is not authorized to access the resource {{resource}}.",
"unauthorizedButton": "Try again",
"untrustedRedirectTitle": "Untrusted redirect",
- "untrustedRedirectSubtitle": "You are trying to redirect to a domain that does not match your configured domain ({{domain}}). Are you sure you want to continue?",
+ "untrustedRedirectSubtitle": "You are trying to redirect to a domain that does not match your configured domain ({{rootDomain}}). Are you sure you want to continue?",
"cancelTitle": "Cancel",
"forgotPasswordTitle": "Forgot your password?",
"failedToFetchProvidersTitle": "Failed to load authentication providers. Please check your configuration.",
diff --git a/frontend/src/lib/i18n/locales/en.json b/frontend/src/lib/i18n/locales/en.json
index 74e422f..a90d581 100644
--- a/frontend/src/lib/i18n/locales/en.json
+++ b/frontend/src/lib/i18n/locales/en.json
@@ -20,8 +20,7 @@
"continueInvalidRedirectSubtitle": "The redirect URL is invalid",
"continueInsecureRedirectTitle": "Insecure redirect",
"continueInsecureRedirectSubtitle": "You are trying to redirect from https to http which is not secure. Are you sure you want to continue?",
- "continueTitle": "Continue",
- "continueSubtitle": "Click the button to continue to your app.",
+ "continueRedirectManually": "Redirect me manually",
"logoutFailTitle": "Failed to log out",
"logoutFailSubtitle": "Please try again",
"logoutSuccessTitle": "Logged out",
@@ -45,7 +44,7 @@
"unauthorizedIpSubtitle": "Your IP address {{ip}} is not authorized to access the resource {{resource}}.",
"unauthorizedButton": "Try again",
"untrustedRedirectTitle": "Untrusted redirect",
- "untrustedRedirectSubtitle": "You are trying to redirect to a domain that does not match your configured domain ({{domain}}). Are you sure you want to continue?",
+ "untrustedRedirectSubtitle": "You are trying to redirect to a domain that does not match your configured domain ({{rootDomain}}). Are you sure you want to continue?",
"cancelTitle": "Cancel",
"forgotPasswordTitle": "Forgot your password?",
"failedToFetchProvidersTitle": "Failed to load authentication providers. Please check your configuration.",
diff --git a/frontend/src/pages/continue-page.tsx b/frontend/src/pages/continue-page.tsx
index cc4d432..f97752f 100644
--- a/frontend/src/pages/continue-page.tsx
+++ b/frontend/src/pages/continue-page.tsx
@@ -12,7 +12,7 @@ import { isValidUrl } from "@/lib/utils";
import { Trans, useTranslation } from "react-i18next";
import { Navigate, useLocation, useNavigate } from "react-router";
import DOMPurify from "dompurify";
-import { useState } from "react";
+import { useEffect, useState } from "react";
export const ContinuePage = () => {
const { isLoggedIn } = useUserContext();
@@ -21,9 +21,10 @@ export const ContinuePage = () => {
return ;
}
- const { domain, disableContinue } = useAppContext();
+ const { rootDomain } = useAppContext();
const { search } = useLocation();
const [loading, setLoading] = useState(false);
+ const [showRedirectButton, setShowRedirectButton] = useState(false);
const searchParams = new URLSearchParams(search);
const redirectURI = searchParams.get("redirect_uri");
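Review bot: The added `useState(false)` for `showRedirectButton` sits below the early `return` at the top of this hunk, next to `useAppContext`, `useLocation` and the existing `useState`, so the set of hooks that run differs between a render that returns early and one that does not. React requires hooks to be called unconditionally and in the same order on every render, otherwise the component can throw when the login state changes. Move every hook call above the first early return; the `useTranslation` and `useNavigate` calls in the next hunk sit behind a second early return and need the same treatment. ContinuePage starts before and continues after this hunk.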
@@ -36,21 +37,20 @@ export const ContinuePage = () => {
return ;
}
- const handleRedirect = () => {
- setLoading(true);
- window.location.href = DOMPurify.sanitize(redirectURI);
- }
-
- if (disableContinue) {
- handleRedirect();
- }
-
const { t } = useTranslation();
const navigate = useNavigate();
- const url = new URL(redirectURI);
+ const handleRedirect = () => {
+ setLoading(true);
+ window.location.href = DOMPurify.sanitize(redirectURI);
+ };
- if (!(url.hostname == domain) && !url.hostname.endsWith(`.${domain}`)) {
+ const redirectURLObj = new URL(redirectURI);
+
+ if (
+ !(redirectURLObj.hostname == rootDomain) &&
+ !redirectURLObj.hostname.endsWith(`.${rootDomain}`)
+ ) {
return (
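Review bot: `DOMPurify.sanitize(redirectURI)` in `handleRedirect` is an HTML sanitiser rather than a URL validator, so it does not constrain the scheme of the value assigned to `window.location.href`. Its HTML serialisation can also, as far as I know, rewrite `&` in a query string to `&amp;`. Unless `isValidUrl` (imported, but applied outside this hunk) already restricts the scheme, declare `redirectURLObj` before the handler and treat the redirect as invalid when `!["http:", "https:"].includes(redirectURLObj.protocol)`, then navigate with `window.location.href = redirectURLObj.href;`. The hostname test would also be clearer with `===` instead of `==`. ContinuePage starts before and continues after this hunk.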
@@ -64,7 +64,7 @@ export const ContinuePage = () => {
components={{
code: ,
}}
- values={{ domain }}
+ values={{ rootDomain }}
/>
@@ -76,7 +76,11 @@ export const ContinuePage = () => {
>
{t("continueTitle")}
-