authorGiteabot <teabot@gitea.io>2023-07-19 00:35:16 -0400
committerGitHub <noreply@github.com>2023-07-19 04:35:16 +0000
commit037a3f0d8c1a8142d8cd36b6b9d50bf13df9197d (patch)
tree0c4dfdfc903eaebd3942fd05253d3c0415b979c1
parent227c3b67e0b635a1adad3437d8d911da79d40681 (diff)
Show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is enabled (#25947) (#25972)
Backport #25947 by @wolfogre. Since OAuth2 will call back to the root URL, if the user starts signing in from the wrong host, Gitea will return 500 because it cannot find the session. <details> <summary>How to reproduce</summary> <img width="901" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/2c2e255c-e13e-4a11-9be7-b226bee54920"> <img width="1014" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/b31cfcf6-a320-483d-9ce5-ba8562f065e1"> </details> So show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is enabled. <img width="1015" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/99e80b17-c790-49a3-bbf2-2bd9396a7daa"> Co-authored-by: Jason Song <i@wolfogre.com>
-rw-r--r--web_src/js/features/admin/common.js1
-rw-r--r--web_src/js/features/common-global.js2
-rw-r--r--web_src/js/features/user-auth.js3
3 files changed, 4 insertions, 2 deletions
diff --git a/web_src/js/features/admin/common.js b/web_src/js/features/admin/common.js
index b6b192a296..250608069b 100644
--- a/web_src/js/features/admin/common.js
+++ b/web_src/js/features/admin/common.js
@@ -10,7 +10,6 @@ export function initAdminCommon() {
}
// check whether appUrl(ROOT_URL) is correct, if not, show an error message
- // only admin pages need this check because most templates are using relative URLs now
checkAppUrl();
// New user
diff --git a/web_src/js/features/common-global.js b/web_src/js/features/common-global.js
index b621c9ba00..bcc097a89a 100644
--- a/web_src/js/features/common-global.js
+++ b/web_src/js/features/common-global.js
@@ -373,5 +373,5 @@ export function checkAppUrl() {
return;
}
showGlobalErrorMessage(`Your ROOT_URL in app.ini is "${appUrl}", it's unlikely matching the site you are visiting.
-Mismatched ROOT_URL config causes wrong URL links for web UI/mail content/webhook notification.`);
+Mismatched ROOT_URL config causes wrong URL links for web UI/mail content/webhook notification/OAuth2 sign-in.`);
}
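Review bot: The text passed to `showGlobalErrorMessage` is still addressed to an administrator ("Your ROOT_URL in app.ini is ..."), but with the call added in user-auth.js in this same commit it can now be rendered for visitors who have not signed in. Those visitors cannot act on it, and it shows them the configured ROOT_URL whenever they reach the instance through another host name; that value is probably already present in the page's client config, so treat this as a wording and audience concern rather than a confirmed leak. I would at least record the wider audience above the call, e.g. `// also shown to unauthenticated visitors on the sign-in page; keep this text free of anything beyond ROOT_URL`. `checkAppUrl` starts outside this hunk, so how `appUrl` is obtained and compared is not visible here.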
diff --git a/web_src/js/features/user-auth.js b/web_src/js/features/user-auth.js
index e3ce4e56e4..af380dcfc7 100644
--- a/web_src/js/features/user-auth.js
+++ b/web_src/js/features/user-auth.js
@@ -1,10 +1,13 @@
import $ from 'jquery';
+import {checkAppUrl} from './common-global.js';
export function initUserAuthOauth2() {
const outer = document.getElementById('oauth2-login-navigator');
if (!outer) return;
const inner = document.getElementById('oauth2-login-navigator-inner');
+ checkAppUrl();
+
for (const link of outer.querySelectorAll('.oauth-login-link')) {
link.addEventListener('click', () => {
inner.classList.add('gt-invisible');
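Review bot: The added `checkAppUrl();` call in `initUserAuthOauth2` carries no comment saying why a sign-in page needs a ROOT_URL check, and the explanatory comment this commit deletes from admin/common.js is not replaced anywhere. The commit description gives the reason (the OAuth2 callback goes to ROOT_URL, so a sign-in started on another host cannot find its session), and I would put that above the call: `// OAuth2 calls back to ROOT_URL; a sign-in started from another host loses its session, so warn before a provider link is clicked`. The check is advisory and runs only in the browser, so the server-side callback presumably still has to fail cleanly when the session is missing; that handler is not part of this diff. The function body continues past the end of the hunk.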