Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gap 2587/redirect to404when not allowed on a page #440

Merged
merged 5 commits into from
Apr 16, 2024
Merged

Gap 2587/redirect to404when not allowed on a page #440

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
80e726d
GAP-2587: adds logic to handle redirection to 404 page
a-lor-cab Apr 12, 2024
8daaf7a
GAP-2587: address merge conflicts
a-lor-cab Apr 16, 2024
9c520ad
GAP-2587 | Apply suggestions from code review
ConorFayleTCO Apr 16, 2024
3cf015b
fix build and rm duplicate csrfMiddleware invocation
jgunnCO Apr 16, 2024
b052812
Merge branch 'develop' into GAP-2587/redirectTo404whenNotAllowedOnAPage
jgunnCO Apr 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 11 additions & 1 deletion packages/admin/src/middleware.page.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,16 @@ const authenticateRequest = async (req: NextRequest, res: NextResponse) => {
const authCookie = req.cookies.get('session_id');
const userJwtCookie = req.cookies.get(process.env.JWT_COOKIE_NAME);

if (!authCookie || !userJwtCookie) {
const isLoggedIn = !!userJwtCookie;
const isLoggedInAsAdmin = !!authCookie;
// means that the user is logged in but not as an admin/superAdmin (otherwise they would have had the session_id cookie set)
if (isLoggedIn && !isLoggedInAsAdmin) {
const url = getLoginUrl({ redirectTo404: true });
logger.info(
`User is not an admin - redirecting it to appropriate app 404 page`
);
return NextResponse.redirect(url, { status: 302 });
} else if (!isLoggedIn || !isLoggedInAsAdmin) {
let url = getLoginUrl();
if (isSubmissionExportLink(req)) {
url += `?${generateRedirectUrl(req)}`;
Expand All @@ -21,6 +30,7 @@ const authenticateRequest = async (req: NextRequest, res: NextResponse) => {
}

const isValidSession = await isValidAdminSession(authCookie);
//user has the session_id cookie set but not valid
if (!isValidSession) {
const url = getLoginUrl({ redirectToApplicant: true });
logger.info(`Admin session invalid - logging in via applicant app: ${url}`);
Expand Down
4 changes: 4 additions & 0 deletions packages/admin/src/utils/general.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,13 +28,17 @@ const getObjEntriesByKeySubstr = (substr: string, obj: object) => {

type GetLoginUrlOptions = {
redirectToApplicant?: boolean;
redirectTo404?: boolean;
};

const getLoginUrl = (options?: GetLoginUrlOptions) => {
const oneLoginEnabled = process.env.ONE_LOGIN_ENABLED === 'true';
if (options?.redirectToApplicant && oneLoginEnabled) {
return `${process.env.V2_LOGIN_URL}?redirectUrl=${process.env.APPLICANT_DOMAIN}/dashboard`;
}
if (options?.redirectTo404 && oneLoginEnabled) {
return `${process.env.V2_LOGIN_URL}?redirectUrl=/404`;
}
return oneLoginEnabled
? (process.env.V2_LOGIN_URL as string)
: (process.env.LOGIN_URL as string);
Expand Down
2 changes: 1 addition & 1 deletion packages/applicant/src/pages/404.page.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ const Custom404 = () => {
</p>
<p className="govuk-body">
To return to the dashboard, please visit the{' '}
<Link href="/" className="govuk-link">
<Link href="/dashboard" className="govuk-link">
dashboard
</Link>{' '}
page.
Expand Down
Loading