@node-red/editor-api 4.0.1 → 4.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/lib/auth/index.js +12 -6
  2. package/package.json +5 -5
package/lib/auth/index.js CHANGED
@@ -182,6 +182,10 @@ function genericStrategy(adminApp,strategy) {
182
182
  maxAge: null,
183
183
  ...settings.httpAdminCookieOptions
184
184
  }
185
+ if (sessionOptions.cookie.name){
186
+ sessionOptions.name = sessionOptions.cookie.name
187
+ delete sessionOptions.cookie.name
188
+ }
185
189
  }
186
190
  adminApp.use(session(sessionOptions));
187
191
  //TODO: all passport references ought to be in ./auth
@@ -217,10 +221,10 @@ function genericStrategy(adminApp,strategy) {
217
221
  adminApp.get('/auth/strategy',
218
222
  passport.authenticate(strategy.name, {
219
223
  session:false,
220
- failureMessage: true,
221
- failureRedirect: settings.httpAdminRoot + '?session_message=Login Failed'
224
+ failWithError: true,
225
+ failureMessage: true
222
226
  }),
223
- completeGenerateStrategyAuth,
227
+ completeGenericStrategyAuth,
224
228
  handleStrategyError
225
229
  );
226
230
 
@@ -232,14 +236,14 @@ function genericStrategy(adminApp,strategy) {
232
236
  passport.authenticate(strategy.name, {
233
237
  session:false,
234
238
  failureMessage: true,
235
- failureRedirect: settings.httpAdminRoot + '?session_message=Login Failed'
239
+ failWithError: true
236
240
  }),
237
- completeGenerateStrategyAuth,
241
+ completeGenericStrategyAuth,
238
242
  handleStrategyError
239
243
  );
240
244
 
241
245
  }
242
- function completeGenerateStrategyAuth(req,res) {
246
+ function completeGenericStrategyAuth(req,res) {
243
247
  var tokens = req.user.tokens;
244
248
  delete req.user.tokens;
245
249
  // Successful authentication, redirect home.
@@ -249,6 +253,8 @@ function handleStrategyError(err, req, res, next) {
249
253
  if (res.headersSent) {
250
254
  return next(err)
251
255
  }
256
+ // Remove the header that passport auto-adds as we don't need it
257
+ res.removeHeader('WWW-Authenticate')
252
258
  log.audit({event: "auth.login.fail.oauth",error:err.toString()});
253
259
  res.redirect(settings.httpAdminRoot + '?session_message='+err.toString());
254
260
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@node-red/editor-api",
3
- "version": "4.0.1",
3
+ "version": "4.0.3",
4
4
  "license": "Apache-2.0",
5
5
  "main": "./lib/index.js",
6
6
  "repository": {
@@ -16,14 +16,14 @@
16
16
  }
17
17
  ],
18
18
  "dependencies": {
19
- "@node-red/util": "4.0.1",
20
- "@node-red/editor-client": "4.0.1",
19
+ "@node-red/util": "4.0.3",
20
+ "@node-red/editor-client": "4.0.3",
21
21
  "bcryptjs": "2.4.3",
22
- "body-parser": "1.20.2",
22
+ "body-parser": "1.20.3",
23
23
  "clone": "2.1.2",
24
24
  "cors": "2.8.5",
25
25
  "express-session": "1.18.0",
26
- "express": "4.19.2",
26
+ "express": "4.21.0",
27
27
  "memorystore": "1.6.7",
28
28
  "mime": "3.0.0",
29
29
  "multer": "1.4.5-lts.1",