Ajout d'une page 'Non autorisée' et redirection automatique vers celle ci en cas d'accès via un compte non autorisé #26

Manually merged
wpetit merged 1 commits from feature/unauthorized-page into develop 2020-10-12 10:06:04 +02:00
4 changed files with 52 additions and 10 deletions
Showing only changes of commit 0859202987 - Show all commits

View File

@ -13,6 +13,7 @@ import { Modal } from './Modal';
import { createClient } from '../util/apollo';
import { ApolloProvider } from '@apollo/client';
import { LogoutPage } from './LogoutPage';
import { UnauthorizedPage } from './UnauthorizedPage/UnauthorizedPage';
export interface AppProps {
@ -41,6 +42,7 @@ export const App: FunctionComponent<AppProps> = () => {
<BrowserRouter>
<Switch>
<Route path="/" exact component={HomePage} />
<Route path="/unauthorized" exact component={UnauthorizedPage} />
<PrivateRoute path="/profile" exact component={ProfilePage} />
<PrivateRoute path="/workgroups/:id" exact component={WorkgroupPage} />
<PrivateRoute path="/decisions/:id" exact component={DecisionSupportFilePage} />

View File

@ -0,0 +1,37 @@
import React, { FunctionComponent } from 'react';
import { Config } from '../../config';
import { Page } from '../Page';
export interface UnauthorizedPageProps {
}
export const UnauthorizedPage:FunctionComponent<UnauthorizedPageProps> = () => {
return (
<Page title="Non autorisé">
<div className="container is-fluid">
<section className="section">
<div className="columns">
<div className="column is-6 is-offset-3">
<div className="message is-danger">
<div className="message-header">
<p><i className="fa fa-ban"></i> Non autorisé</p>
</div>
<div className="message-body">
<p>Vous n'êtes pas autorisé à accéder à cette page.</p>
<br />
<p>Votre compte est peut être désactivé, votre adresse courriel ne fait peut être
pas partie des domaines autorisés ou vous n'avez peut être pas les droits nécessaires pour effectuer cette opération.</p>
<div className="has-text-centered mt-5">
<a href={Config.logoutURL} className="is-warning button"><i className="fa fa-sign-out-alt"></i>&nbsp; Forcer la déconnexion</a>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</Page>
);
}

View File

@ -1,7 +1,6 @@
package route
import (
"fmt"
"net/http"
"forge.cadoles.com/Cadoles/daddy/internal/auth"
@ -80,11 +79,8 @@ func handleLoginCallback(w http.ResponseWriter, r *http.Request) {
}
if !authorized {
message := fmt.Sprintf(
"You are not authorized to access this application. Disconnect by navigating to %s.",
"http://"+r.Host+"/logout",
)
http.Error(w, message, http.StatusForbidden)
redirectURL := conf.HTTP.FrontendURL + "/unauthorized"
http.Redirect(w, r, redirectURL, http.StatusTemporaryRedirect)
return
}

View File

@ -72,10 +72,17 @@ func Mount(r *chi.Mux, config *config.Config) error {
}
// List of paths handled directly by the client
r.Get("/workgroups/*", serveClientIndex)
r.Get("/profile", serveClientIndex)
r.Get("/dashboard", serveClientIndex)
r.Get("/decisions/*", serveClientIndex)
clientRoutes := []string{
"/workgroups/*",
"/profile",
"/dashboard",
"/decisions/*",
"/unauthorized",
}
for _, cr := range clientRoutes {
r.Get(cr, serveClientIndex)
}
// Serve static files
notFoundHandler := r.NotFoundHandler()