parse-dashboard 5.0.0 → 5.1.0-alpha.10
- package/Parse-Dashboard/Authentication.js +13 -8
- package/Parse-Dashboard/app.js +7 -2
- package/Parse-Dashboard/index.js +2 -0
- package/Parse-Dashboard/public/bundles/dashboard.bundle.js +1 -1
- package/Parse-Dashboard/public/bundles/login.bundle.js +1 -1
- package/Parse-Dashboard/server.js +2 -1
- package/README.md +2 -0
- package/package.json +1 -1
|
@@ -54,25 +54,30 @@ function initialize(app, options) {
|
|
|
54
54
|
});
|
|
55
55
|
|
|
56
56
|
var cookieSessionSecret = options.cookieSessionSecret || require('crypto').randomBytes(64).toString('hex');
|
|
57
|
+
const cookieSessionMaxAge = options.cookieSessionMaxAge;
|
|
57
58
|
app.use(require('connect-flash')());
|
|
58
59
|
app.use(require('body-parser').urlencoded({ extended: true }));
|
|
59
60
|
app.use(require('cookie-session')({
|
|
60
61
|
key : 'parse_dash',
|
|
61
62
|
secret : cookieSessionSecret,
|
|
62
|
-
|
|
63
|
-
maxAge: (2 * 7 * 24 * 60 * 60 * 1000) // 2 weeks
|
|
64
|
-
}
|
|
63
|
+
maxAge : cookieSessionMaxAge
|
|
65
64
|
}));
|
|
66
65
|
app.use(passport.initialize());
|
|
67
66
|
app.use(passport.session());
|
|
68
67
|
|
|
69
68
|
app.post('/login',
|
|
70
69
|
csrf(),
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
70
|
+
(req,res,next) => {
|
|
71
|
+
let redirect = 'apps';
|
|
72
|
+
if (req.body.redirect) {
|
|
73
|
+
redirect = req.body.redirect.charAt(0) === '/' ? req.body.redirect.substring(1) : req.body.redirect
|
|
74
|
+
}
|
|
75
|
+
return passport.authenticate('local', {
|
|
76
|
+
successRedirect: `${self.mountPath}${redirect}`,
|
|
77
|
+
failureRedirect: `${self.mountPath}login${req.body.redirect ? `?redirect=${req.body.redirect}` : ''}`,
|
|
78
|
+
failureFlash : true
|
|
79
|
+
})(req, res, next)
|
|
80
|
+
},
|
|
76
81
|
);
|
|
77
82
|
|
|
78
83
|
app.get('/logout', function(req, res){
|
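Review bot: The `redirect` field from the login form reaches `successRedirect` with only one leading `/` stripped, so a value that still begins with `/` or `\` after the strip gives, when `mountPath` is `/`, a scheme-relative Location that takes the user off the dashboard origin right after a successful login. Because body-parser is configured with `extended: true`, the field can also arrive as an array or object, and `charAt` then throws. Accept only a string that names a path below the mount point and fall back to `apps` otherwise, as sketched below. The GET `/login` handler in app.js concatenates its `redirectURL` to `mountPath` in the same way and needs the same check. `initialize` starts and ends outside this hunk.

```javascript
(req,res,next) => {
  // Accept only a string naming a path below the mount point; anything else falls back to 'apps'.
  const raw = typeof req.body.redirect === 'string' ? req.body.redirect : '';
  const target = raw.replace(/^\/+/, '');
  const isLocal = target !== '' && !/[\\\r\n]/.test(target);
  const redirect = isLocal ? target : 'apps';
  return passport.authenticate('local', {
    successRedirect: `${self.mountPath}${redirect}`,
    failureRedirect: `${self.mountPath}login${isLocal ? `?redirect=${target}` : ''}`,
    // … unchanged: failureFlash …
```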
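--- a/package/Parse-Dashboard/app.js
+++ b/package/Parse-Dashboard/app.js
@@ -68,7 +68,7 @@ module.exports = function(config, options) {
 const users = config.users;
 const useEncryptedPasswords = config.useEncryptedPasswords ? true : false;
 const authInstance = new Authentication(users, useEncryptedPasswords, mountPath);
-authInstance.initialize(app, { cookieSessionSecret: options.cookieSessionSecret });
+authInstance.initialize(app, { cookieSessionSecret: options.cookieSessionSecret, cookieSessionMaxAge: options.cookieSessionMaxAge });
 
 // CSRF error handler
 app.use(function (err, req, res, next) {
@@ -173,8 +173,9 @@ module.exports = function(config, options) {
 }
 
 app.get('/login', csrf(), function(req, res) {
+const redirectURL = req.url.includes('?redirect=') && req.url.split('?redirect=')[1].length > 1 && req.url.split('?redirect=')[1];
 if (!users || (req.user && req.user.isAuthenticated)) {
-return res.redirect(`${mountPath}apps`);
+return res.redirect(`${mountPath}${redirectURL || 'apps'}`);
 }
 
 let errors = req.flash('error');
@@ -206,6 +207,10 @@ module.exports = function(config, options) {
 // For every other request, go to index.html. Let client-side handle the rest.
 app.get('/*', function(req, res) {
 if (users && (!req.user || !req.user.isAuthenticated)) {
+const redirect = req.url.replace('/login', '');
+if (redirect.length > 1) {
+return res.redirect(`${mountPath}login?redirect=${redirect}`);
+}
 return res.redirect(`${mountPath}login`);
 }
 if (users && req.user && req.user.matchingUsername ) {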
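Review bot: The `redirect` value travels between these handlers as raw URL text instead of a parsed, encoded parameter. GET `/login` recovers it by splitting `req.url` on the literal `?redirect=`, which only works when it is the first parameter and returns everything after it undecoded, including any further `&` parameters. The `/*` handler writes `req.url`, with whatever query string it carries, into `login?redirect=${redirect}` without encoding, and `req.url.replace('/login', '')` removes the first `/login` found anywhere in the path rather than only an exact match. Reading `req.query.redirect` and writing `login?redirect=${encodeURIComponent(redirect)}` would keep the value intact across the round trip. All three handlers start or end outside the visible hunks.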
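--- a/package/Parse-Dashboard/index.js
+++ b/package/Parse-Dashboard/index.js
@@ -28,6 +28,8 @@ program.option('--trustProxy [trustProxy]', 'set this flag when you are behind a
 program.option('--cookieSessionSecret [cookieSessionSecret]', 'set the cookie session secret, defaults to a random string. You should set that value if you want sessions to work across multiple server, or across restarts');
 program.option('--createUser', 'helper tool to allow you to generate secure user passwords and secrets. Use this on trusted devices only.');
 program.option('--createMFA', 'helper tool to allow you to generate multi-factor authentication secrets.');
+program.option('--cookieSessionMaxAge [cookieSessionMaxAge]', '(Optional) Sets the time in seconds for when the session cookie will be deleted and the dashboard user has to re-login; if no value is set then the cookie will be deleted when the browser session ends.');
+
 program.action(async (options) => {
 for (const key in options) {
 const func = CLIHelper[key];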
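Review bot: The help text for `--cookieSessionMaxAge` promises seconds, but nothing visible on this page converts the value. Authentication.js hands `options.cookieSessionMaxAge` straight to the session middleware's `maxAge`, where the line it replaces was the millisecond expression `2 * 7 * 24 * 60 * 60 * 1000`. Unless server.js (changed in this release but not shown here) parses the CLI string and multiplies by 1000, the configured lifetime would be a thousand times shorter than documented. Where the option is read, something like `const maxAgeMs = Number(options.cookieSessionMaxAge) * 1000;` with a finite-and-positive check would match the description. The default also moves from two weeks to a browser-session cookie, which is worth stating in the release notes.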