mirror of
https://github.com/fleetdm/fleet
synced 2026-05-02 19:07:38 +00:00
b1945b2128
Closes: https://github.com/fleetdm/confidential/issues/4057 Changes: - Added the contents of the fleet-vulnerability-dashboard repo to ee/vulnerability-dashboard - Added a github workflow to deploy the vulnerability dashboard on Heroku - Added a github workflow to test changes to the vulnerability-dashboard - Updated the website's custom configuration to enable auto-approvals/review requests to files in the ee/vulnerability-dashboard folder
49 lines
1.1 KiB
JavaScript
49 lines
1.1 KiB
JavaScript
/**
|
|
* unauthorized.js
|
|
*
|
|
* A custom response that content-negotiates the current request to either:
|
|
* • log out the current user and redirect them to the login page
|
|
* • or send back 401 (Unauthorized) with no response body.
|
|
*
|
|
* Example usage:
|
|
* ```
|
|
* return res.unauthorized();
|
|
* ```
|
|
*
|
|
* Or with actions2:
|
|
* ```
|
|
* exits: {
|
|
* badCombo: {
|
|
* description: 'That email address and password combination is not recognized.',
|
|
* responseType: 'unauthorized'
|
|
* }
|
|
* }
|
|
* ```
|
|
*/
|
|
module.exports = function unauthorized() {
|
|
|
|
var req = this.req;
|
|
var res = this.res;
|
|
|
|
|
|
sails.log.verbose('Ran custom response: res.unauthorized()');
|
|
|
|
if (req.wantsJSON) {
|
|
return res.sendStatus(401);
|
|
}
|
|
// Or log them out (if necessary) and then redirect to the login page.
|
|
else {
|
|
if(sails.config.custom.oktaClientSecret){
|
|
if (req.session.passport) {
|
|
delete req.session.passport;
|
|
}
|
|
} else {
|
|
if (req.session.userId) {
|
|
delete req.session.userId;
|
|
}
|
|
}
|
|
|
|
return res.redirect('/login');
|
|
}
|
|
|
|
};
|