attempt to fix auth linking regression

2023-07-10 12:18:17 -05:00 · 2023-07-10 12:18:17 -05:00 · 27833c9888
commit 27833c9888
parent 34ba823bd4
2 changed files with 5 additions and 37 deletions
--- a/pages/login.js
+++ b/pages/login.js
@ -7,15 +7,16 @@ import { isExternal } from '../lib/url'
 export async function getServerSideProps ({ req, res, query: { callbackUrl, error = null } }) {
  const session = await getSession({ req })

-  // assume external by default so we will use fallback callback
-  let external = true
+  // prevent open redirects. See https://github.com/stackernews/stacker.news/issues/264
+  // let undefined urls through without redirect ... otherwise this interferes with multiple auth linking
+  let external = callbackUrl !== undefined
  try {
    external = isExternal(decodeURIComponent(callbackUrl))
  } catch (err) {
    console.error('error decoding callback:', callbackUrl, err)
  }
+
  if (external) {
-    // This is a hotfix for open redirects. See https://github.com/stackernews/stacker.news/issues/264
    callbackUrl = '/'
  }

--- a/pages/signup.js
+++ b/pages/signup.js
@ -1,40 +1,7 @@
-import { providers, getSession } from 'next-auth/client'
 import Link from 'next/link'
 import LayoutStatic from '../components/layout-static'
 import Login from '../components/login'
-import { isExternal } from '../lib/url'
-
-export async function getServerSideProps ({ req, res, query: { callbackUrl, error = null } }) {
-  const session = await getSession({ req })
-
-  // assume external by default so we will use fallback callback
-  let external = true
-  try {
-    external = isExternal(decodeURIComponent(callbackUrl))
-  } catch (err) {
-    console.error('error decoding callback:', callbackUrl, err)
-  }
-  if (external) {
-    // This is a hotfix for open redirects. See https://github.com/stackernews/stacker.news/issues/264
-    callbackUrl = '/'
-  }
-
-  if (session && res && callbackUrl) {
-    res.writeHead(302, {
-      Location: callbackUrl
-    })
-    res.end()
-    return { props: {} }
-  }
-
-  return {
-    props: {
-      providers: await providers({ req, res }),
-      callbackUrl,
-      error
-    }
-  }
-}
+export { getServerSideProps } from '../components/login'

 function SignUpHeader () {
  return (