From a838ca7d3d690b6ec033e0d5ce4e96ef1238ae08 Mon Sep 17 00:00:00 2001
From: Ashraf Mohammed
Date: Wed, 25 Oct 2023 23:12:34 +0530
Subject: [PATCH 1/8] go back to previous url after session expiration
---
 src/Components/Auth/Login.tsx | 8 +++++++-
 src/Redux/fireRequest.tsx | 2 ++
 2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/Components/Auth/Login.tsx b/src/Components/Auth/Login.tsx
index 140a0013fd9..7b3a0bc237d 100644
--- a/src/Components/Auth/Login.tsx
+++ b/src/Components/Auth/Login.tsx
@@ -109,7 +109,13 @@ export const Login = (props: { forgot?: boolean }) => {
 window.location.pathname === "/" ||
 window.location.pathname === "/login"
 ) {
- window.location.href = "/facility";
+ const lastPath = localStorage.getItem("lastPath");
+ if (lastPath) {
+ localStorage.removeItem("lastPath");
+ window.location.href = lastPath;
+ } else {
+ window.location.href = "/facility";
+ }
 } else {
 window.location.href = window.location.pathname.toString();
 }
diff --git a/src/Redux/fireRequest.tsx b/src/Redux/fireRequest.tsx
index 3d8c677d47d..7974150c16a 100644
--- a/src/Redux/fireRequest.tsx
+++ b/src/Redux/fireRequest.tsx
@@ -152,6 +152,8 @@ export const fireRequest = (
 if (error.response.status > 400 && error.response.status < 500) {
 if (error.response.data && error.response.data.detail) {
 if (error.response.data.code === "token_not_valid") {
+ //store the path before session expiry in local storage
+ localStorage.setItem("lastPath", window.location.href);
 window.location.href = "/session-expired";
 }
 Notification.Error({
From 99743498b9f118fd5106ff3a357a8b57ce50f093 Mon Sep 17 00:00:00 2001
From: Ashraf Mohammed
Date: Thu, 26 Oct 2023 15:03:05 +0530
Subject: [PATCH 2/8] add query parameters instead of localstorage
---
 src/Components/Auth/Login.tsx | 13 ++++++-------
 src/Redux/fireRequest.tsx | 4 +---
 src/Utils/utils.ts | 5 ++++-
 3 files changed, 11 insertions(+), 11 deletions(-)
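Review bot: In PATCH 1/8, `src/Components/Auth/Login.tsx`, `window.location.href = lastPath` follows whatever string is stored under `lastPath` without checking that it is a same-origin http(s) URL. localStorage can be written by any script running on this origin, so the value should be treated as untrusted: resolve it with `new URL(lastPath, window.location.origin)` and navigate only when its `origin` equals `window.location.origin`, otherwise go to `/facility`. The surrounding login handler starts and ends outside the hunk.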
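Review bot: In PATCH 1/8, `src/Redux/fireRequest.tsx`, `localStorage.setItem("lastPath", window.location.href)` persists the full URL, query string included, and the entry is only removed by a later login on `/` or `/login`. On a shared browser it can therefore outlive the user who created it and steer the next person who logs in; presumably sign-out clears only the keys in `LocalStorageKeys`, so confirm whether `lastPath` is covered. `sessionStorage` with `window.location.pathname + window.location.search` would limit the value to the tab and to this origin. The error handler this sits in continues past the end of the hunk.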
diff --git a/src/Components/Auth/Login.tsx b/src/Components/Auth/Login.tsx
index 7b3a0bc237d..ca63419f59f 100644
--- a/src/Components/Auth/Login.tsx
+++ b/src/Components/Auth/Login.tsx
@@ -109,13 +109,12 @@ export const Login = (props: { forgot?: boolean }) => {
 window.location.pathname === "/" ||
 window.location.pathname === "/login"
 ) {
- const lastPath = localStorage.getItem("lastPath");
- if (lastPath) {
- localStorage.removeItem("lastPath");
- window.location.href = lastPath;
- } else {
- window.location.href = "/facility";
- }
+ const redirectParam = new URLSearchParams(window.location.search).get(
+ "redirect"
+ );
+ redirectParam
+ ? (window.location.href = redirectParam.toString())
+ : (window.location.href = "/facility");
 } else {
 window.location.href = window.location.pathname.toString();
 }
diff --git a/src/Redux/fireRequest.tsx b/src/Redux/fireRequest.tsx
index 7974150c16a..7505407b8ce 100644
--- a/src/Redux/fireRequest.tsx
+++ b/src/Redux/fireRequest.tsx
@@ -152,9 +152,7 @@ export const fireRequest = (
 if (error.response.status > 400 && error.response.status < 500) {
 if (error.response.data && error.response.data.detail) {
 if (error.response.data.code === "token_not_valid") {
- //store the path before session expiry in local storage
- localStorage.setItem("lastPath", window.location.href);
- window.location.href = "/session-expired";
+ window.location.href = `/session-expired?redirect=${window.location.pathname}`;
 }
 Notification.Error({
 msg: error.response.data.detail,
diff --git a/src/Utils/utils.ts b/src/Utils/utils.ts
index 3aef5b03d67..a0b18becd56 100644
--- a/src/Utils/utils.ts
+++ b/src/Utils/utils.ts
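Review bot: In PATCH 2/8, `src/Components/Auth/Login.tsx`, the `redirect` query parameter is assigned to `window.location.href` unvalidated, so whoever crafts the login link decides where the user lands after authenticating, including other origins and non-http schemes. Resolve the value first and navigate only on a same-origin result: `const target = new URL(redirectParam, window.location.origin);` then `if (target.origin === window.location.origin) window.location.href = target.href;`, with `/facility` as the fallback and a `try`/`catch` around the parse. `URLSearchParams.get` already returns `string | null`, so `.toString()` adds nothing, and a ternary used only for its side effects reads better as `if`/`else`. The login handler extends beyond the hunk on both sides.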
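Review bot: In PATCH 2/8, `src/Redux/fireRequest.tsx`, the value interpolated after `redirect=` is not percent-encoded, so reserved characters in it are parsed as part of the `/session-expired` URL rather than as part of the target. The same pattern is in `handleSignOut` in `src/Utils/utils.ts` (where `URLSearchParams.get` has already decoded the value before it is re-embedded) and in the PATCH 5/8 hunks of `fireRequest.tsx` and `handleResponse.ts`, where the whole `window.location.href` is interpolated and anything after the first `&` or `#` of the original URL is cut off. Wrap the interpolated value in `encodeURIComponent(...)` at every one of these sites. Note also that this assignment is followed by `Notification.Error` in the same handler, which continues outside the hunk.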
@@ -107,7 +107,10 @@ export const handleSignOut = (forceReload: boolean) => {
 Object.values(LocalStorageKeys).forEach((key) =>
 localStorage.removeItem(key)
 );
- navigate("/");
+ const redirectURL = new URLSearchParams(window.location.search).get(
+ "redirect"
+ );
+ redirectURL ? navigate(`/?redirect=${redirectURL}`) : navigate("/");
 if (forceReload) window.location.reload();
 };
From 932b9d8de52a2402a868e7627a038be4e1334921 Mon Sep 17 00:00:00 2001
From: Ashraf Mohammed
Date: Thu, 26 Oct 2023 15:14:23 +0530
Subject: [PATCH 3/8] resolve cross scripting
---
 src/Components/Auth/Login.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Components/Auth/Login.tsx b/src/Components/Auth/Login.tsx
index ca63419f59f..b631cdd951d 100644
--- a/src/Components/Auth/Login.tsx
+++ b/src/Components/Auth/Login.tsx
@@ -113,7 +113,7 @@ export const Login = (props: { forgot?: boolean }) => {
 "redirect"
 );
 redirectParam
- ? (window.location.href = redirectParam.toString())
+ ? (window.location.href = window.location.origin + redirectParam)
 : (window.location.href = "/facility");
 } else {
 window.location.href = window.location.pathname.toString();
From 9ddf21d28dc15421c43cb727c4138c793f90bb4b Mon Sep 17 00:00:00 2001
From: Ashraf Mohammed
Date: Thu, 26 Oct 2023 15:28:58 +0530
Subject: [PATCH 4/8] use newURL instead of string manipulation
---
 src/Components/Auth/Login.tsx | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/Components/Auth/Login.tsx b/src/Components/Auth/Login.tsx
index b631cdd951d..0539ecc85ec 100644
--- a/src/Components/Auth/Login.tsx
+++ b/src/Components/Auth/Login.tsx
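Review bot: In PATCH 3/8, `src/Components/Auth/Login.tsx`, prefixing `window.location.origin` by string concatenation does not keep the target on this origin: the origin string has no trailing `/` and nothing requires `redirectParam` to begin with one, so the concatenated string can parse to a different host. Let the URL parser decide and compare the result: `const target = new URL(redirectParam, window.location.origin);` then `if (target.origin === window.location.origin) window.location.href = target.href;`. The subject line names cross-site scripting while the line changed controls the redirect target; the commit message should state which issue it is meant to close. The ternary and its enclosing handler start and end outside the hunk.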
@@ -113,7 +113,10 @@ export const Login = (props: { forgot?: boolean }) => {
 "redirect"
 );
 redirectParam
- ? (window.location.href = window.location.origin + redirectParam)
+ ? (window.location.href = new URL(
+ redirectParam,
+ window.location.origin
+ ).toString())
 : (window.location.href = "/facility");
 } else {
 window.location.href = window.location.pathname.toString();
From 38ee5623ad623e14866ef8802a2ae899056bdcf9 Mon Sep 17 00:00:00 2001
From: Ashraf Mohammed
Date: Fri, 27 Oct 2023 17:11:54 +0530
Subject: [PATCH 5/8] check origin while redirecting
---
 src/Components/Auth/Login.tsx | 16 ++++++++++------
 src/Redux/fireRequest.tsx | 2 +-
 src/Utils/request/handleResponse.ts | 2 +-
 3 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/src/Components/Auth/Login.tsx b/src/Components/Auth/Login.tsx
index 0539ecc85ec..d93cc34501f 100644
--- a/src/Components/Auth/Login.tsx
+++ b/src/Components/Auth/Login.tsx
@@ -112,12 +112,16 @@ export const Login = (props: { forgot?: boolean }) => {
 const redirectParam = new URLSearchParams(window.location.search).get(
 "redirect"
 );
- redirectParam
- ? (window.location.href = new URL(
- redirectParam,
- window.location.origin
- ).toString())
- : (window.location.href = "/facility");
+ try {
+ if (
+ redirectParam &&
+ new URL(redirectParam).origin === window.location.origin
+ )
+ window.location.href = redirectParam;
+ else window.location.href = "/facility";
+ } catch {
+ window.location.href = "/facility";
+ }
 } else {
 window.location.href = window.location.pathname.toString();
 }
diff --git a/src/Redux/fireRequest.tsx b/src/Redux/fireRequest.tsx
index 7505407b8ce..892e6bd2ee9 100644
--- a/src/Redux/fireRequest.tsx
+++ b/src/Redux/fireRequest.tsx
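Review bot: In PATCH 4/8, `src/Components/Auth/Login.tsx`, `new URL(redirectParam, window.location.origin)` uses its second argument only as a base for relative input, so an absolute or scheme-relative `redirectParam` still resolves to its own origin and is then assigned to `window.location.href`. Keep the parsed URL in a variable and navigate to it only when `target.origin === window.location.origin`, falling back to `/facility` otherwise. `new URL` can also throw on malformed input, and nothing in the visible lines catches that. The ternary begins above the hunk and the handler continues below it.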
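Review bot: In PATCH 5/8, `src/Components/Auth/Login.tsx`, the origin check parses `redirectParam` but the navigation then uses the raw string; assigning the parsed URL's `href` keeps the value that was checked and the value that is followed identical: `const target = new URL(redirectParam);` then `window.location.href = target.href;`. Because `new URL(redirectParam)` is called without a base, a relative value (the `/path` form the previous revision of `fireRequest.tsx` produced) throws and silently ends in the `catch` fallback; pass `window.location.origin` as the base if relative paths should keep working. The brace-less `if … else` spread over several lines is easy to misread, so add braces. The enclosing handler starts and ends outside the hunk.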
@@ -152,7 +152,7 @@ export const fireRequest = (
 if (error.response.status > 400 && error.response.status < 500) {
 if (error.response.data && error.response.data.detail) {
 if (error.response.data.code === "token_not_valid") {
- window.location.href = `/session-expired?redirect=${window.location.pathname}`;
+ window.location.href = `/session-expired?redirect=${window.location.href}`;
 }
 Notification.Error({
 msg: error.response.data.detail,
diff --git a/src/Utils/request/handleResponse.ts b/src/Utils/request/handleResponse.ts
index 2ecad95ac88..8698919c869 100644
--- a/src/Utils/request/handleResponse.ts
+++ b/src/Utils/request/handleResponse.ts
@@ -29,7 +29,7 @@ export default function handleResponse(
 if (res.status >= 400) {
 // Invalid token
 if (!silent && error?.code === "token_not_valid") {
- navigate("/session-expired");
+ navigate(`/session-expired?redirect=${window.location.href}`);
 }
 notify?.Error({ msg: error?.detail || "Something went wrong...!" });
From 3e30c025b57ddad32e67ce4cca357aa29762588c Mon Sep 17 00:00:00 2001
From: Ashraf Mohammed
Date: Fri, 27 Oct 2023 17:25:15 +0530
Subject: [PATCH 6/8] remove cross-site-scripting
---
 src/Components/Auth/Login.tsx | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/Components/Auth/Login.tsx b/src/Components/Auth/Login.tsx
index d93cc34501f..0c9aa814cea 100644
--- a/src/Components/Auth/Login.tsx
+++ b/src/Components/Auth/Login.tsx
@@ -117,7 +117,8 @@ export const Login = (props: { forgot?: boolean }) => {
 redirectParam &&
 new URL(redirectParam).origin === window.location.origin
 )
- window.location.href = redirectParam;
+ window.location.href =
+ window.location.origin + new URL(redirectParam).pathname;
 else window.location.href = "/facility";
 } catch {
 window.location.href = "/facility";
From 51f9f9e252aba8e18b3b9c5ae4b7db97f7eac543 Mon Sep 17 00:00:00 2001
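Review bot: In PATCH 6/8, `src/Components/Auth/Login.tsx`, rebuilding the target from `pathname` alone discards the query string of the page the user was on, so a filtered or paginated view reopens in its default state, and `redirectParam` is now parsed twice in the same statement. Parse once and reuse the object: `const target = new URL(redirectParam);` then `window.location.href = target.pathname + target.search;`. The subject says cross-site scripting, yet the origin comparison in the condition already rejects other schemes and hosts; a one-line comment stating what the reconstruction is meant to guard against would help the next reader. The `try` block and the handler around it begin and end outside the hunk.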
From: Ashraf Mohammed
Date: Sat, 28 Oct 2023 13:24:02 +0530
Subject: [PATCH 7/8] convert the redirection into a function
---
 src/Components/Auth/Login.tsx | 16 ++--------------
 src/Utils/utils.ts | 20 ++++++++++++++++++++
 2 files changed, 22 insertions(+), 14 deletions(-)
diff --git a/src/Components/Auth/Login.tsx b/src/Components/Auth/Login.tsx
index 0c9aa814cea..58472c4ff25 100644
--- a/src/Components/Auth/Login.tsx
+++ b/src/Components/Auth/Login.tsx
@@ -12,6 +12,7 @@ import CircularProgress from "../Common/components/CircularProgress";
 import { LocalStorageKeys } from "../../Common/constants";
 import ReactMarkdown from "react-markdown";
 import rehypeRaw from "rehype-raw";
+import { handleRedirection } from "../../Utils/utils";
 export const Login = (props: { forgot?: boolean }) => {
 const {
@@ -109,20 +110,7 @@ export const Login = (props: { forgot?: boolean }) => {
 window.location.pathname === "/" ||
 window.location.pathname === "/login"
 ) {
- const redirectParam = new URLSearchParams(window.location.search).get(
- "redirect"
- );
- try {
- if (
- redirectParam &&
- new URL(redirectParam).origin === window.location.origin
- )
- window.location.href =
- window.location.origin + new URL(redirectParam).pathname;
- else window.location.href = "/facility";
- } catch {
- window.location.href = "/facility";
- }
+ handleRedirection();
 } else {
 window.location.href = window.location.pathname.toString();
 }
diff --git a/src/Utils/utils.ts b/src/Utils/utils.ts
index a0b18becd56..8dc0b4147a4 100644
--- a/src/Utils/utils.ts
+++ b/src/Utils/utils.ts
@@ -114,6 +114,26 @@ export const handleSignOut = (forceReload: boolean) => {
 if (forceReload) window.location.reload();
 };
+export const handleRedirection = () => {
+ const redirectParam = new URLSearchParams(window.location.search).get(
+ "redirect"
+ );
+ try {
+ if (redirectParam) {
+ const redirectURL = new URL(redirectParam);
+
+ if (redirectURL.origin === window.location.origin) {
+ const newPath = redirectURL.pathname + redirectURL.search;
+ window.location.href = `${window.location.origin}${newPath}`;
+ return;
+ }
+ }
+ window.location.href = "/facility";
+ } catch {
+ window.location.href = "/facility";
+ }
+};
+
 /**
 * Referred from: https://stackoverflow.com/a/9039885/7887936
 * @returns `true` if device is iOS, else `false`
From 2babc749e3457841f4f8a61816da072d854914da Mon Sep 17 00:00:00 2001
From: Ashraf Mohammed
Date: Tue, 31 Oct 2023 19:42:33 +0530
Subject: [PATCH 8/8] remove else redirection
---
 src/Utils/utils.ts | 1 -
 1 file changed, 1 deletion(-)
diff --git a/src/Utils/utils.ts b/src/Utils/utils.ts
index 2a6609e389e..a96a4c65146 100644
--- a/src/Utils/utils.ts
+++ b/src/Utils/utils.ts
@@ -112,7 +112,6 @@ export const handleSignOut = (forceReload: boolean) => {
 );
 redirectURL ? navigate(`/?redirect=${redirectURL}`) : navigate("/");
 if (forceReload) window.location.href = "/";
- else navigate("/");
 };
 export const handleRedirection = () => {
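Review bot: In PATCH 7/8, `src/Utils/utils.ts`, `handleRedirection` is now the single place that decides whether a `redirect` value is trusted, and it carries no doc comment stating that contract. Add a TSDoc block saying that it reads `redirect` from the current query string, follows it only when it parses as an absolute URL whose origin equals `window.location.origin`, keeps path and query but drops the fragment, and otherwise navigates to `/facility`. Because `new URL(redirectParam)` has no base, the relative form that `handleSignOut` can forward always ends in the fallback; `new URL(redirectParam, window.location.origin)` accepts it while the origin comparison still rejects absolute and scheme-relative values pointing elsewhere. If deep links with a fragment matter, append `redirectURL.hash` to `newPath`.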