barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2025-11-03 07:35:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: correctly redirect to app and check for untrusted redirects

Browse Source
This commit is contained in:
Stavros
2025-05-14 20:56:24 +03:00
parent ada21776bc
commit 60093997dc
4 changed files with 9 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
frontend/src/pages/continue-page.tsx
View File

@@ -42,7 +42,7 @@ export const ContinuePage = () => {
const url = new URL(redirectURI); const url = new URL(redirectURI);
if (!(url.hostname == domain) || !url.hostname.endsWith(`.${domain}`)) { if (!(url.hostname == domain) && !url.hostname.endsWith(`.${domain}`)) {
return ( return (
<Card className="min-w-xs sm:min-w-sm"> <Card className="min-w-xs sm:min-w-sm">
<CardHeader> <CardHeader>

5
frontend/src/pages/login-page.tsx
View File

@@ -43,7 +43,10 @@ export const LoginPage = () => {
const isMounted = useIsMounted(); const isMounted = useIsMounted();
const oauthMutation = useMutation({ const oauthMutation = useMutation({
mutationFn: (provider: string) => axios.get(`/api/oauth/url/${provider}`), mutationFn: (provider: string) =>
axios.get(
`/api/oauth/url/${provider}?redirect_uri=${encodeURIComponent(redirectUri ?? "")}`,
),
mutationKey: ["oauth"], mutationKey: ["oauth"],
onSuccess: (data) => { onSuccess: (data) => {
toast.info(t("loginOauthSuccessTitle"), { toast.info(t("loginOauthSuccessTitle"), {

4
frontend/src/pages/logout-page.tsx
View File

@@ -16,7 +16,7 @@ import { Navigate } from "react-router";
import { toast } from "sonner"; import { toast } from "sonner";
export const LogoutPage = () => { export const LogoutPage = () => {
const { provider, username, isLoggedIn } = useUserContext(); const { provider, username, isLoggedIn, email } = useUserContext();
const { genericName } = useAppContext(); const { genericName } = useAppContext();
const { t } = useTranslation(); const { t } = useTranslation();
@@ -56,7 +56,7 @@ export const LogoutPage = () => {
code: <code />, code: <code />,
}} }}
values={{ values={{
username: username, username: email,
provider: provider:
provider === "generic" ? genericName : capitalize(provider), provider === "generic" ? genericName : capitalize(provider),
}} }}

4
frontend/src/schemas/user-context-schema.ts
View File

@@ -3,8 +3,8 @@ import { z } from "zod";
export const userContextSchema = z.object({ export const userContextSchema = z.object({
isLoggedIn: z.boolean(), isLoggedIn: z.boolean(),
username: z.string(), username: z.string(),
// name: z.string(), not yet implemented name: z.string(),
// email: z.string(), email: z.string(),
provider: z.string(), provider: z.string(),
oauth: z.boolean(), oauth: z.boolean(),
totpPending: z.boolean(), totpPending: z.boolean(),