Redirect back to readonly node after successful login initiated by Geo

6f546738 · Gabriel Mazetto · a1b17f13 · 6f546738 · 6f546738 · 6f546738
Commit 6f546738 authored Jan 19, 2016 by Gabriel Mazetto
3 changed files
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -88,7 +88,7 @@ class ApplicationController < ActionController::Base
      flash[:alert] = "Your account is blocked. Retry when an admin has unblocked it."
      new_user_session_path
    else
-      stored_location_for(:redirect) || stored_location_for(resource) || root_path
+      stored_location_for(:geo_node) || stored_location_for(:redirect) || stored_location_for(resource) || root_path
    end
  end


--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -4,7 +4,7 @@ class SessionsController < Devise::SessionsController

  prepend_before_action :authenticate_with_two_factor, only: [:create]
  prepend_before_action :store_redirect_path, only: [:new]
-  prepend_before_action :gitlab_geo_auth, only: [:new]
+  before_action :gitlab_geo_auth, only: [:new]
  before_action :auto_sign_in_with_provider, only: [:new]
  before_action :load_recaptcha

@@ -45,25 +45,23 @@ class SessionsController < Devise::SessionsController
  end

  def store_redirect_path
-    redirect_path =
+    redirect_uri =
      if request.referer.present? && (params['redirect_to_referer'] == 'yes')
-        referer_uri = URI(request.referer)
-        if referer_uri.host == Gitlab.config.gitlab.host
-          referer_uri.path
-        else
-          request.fullpath
-        end
-      elsif session[:geo_redirect].present? && (params['redirect_to_referer'] == 'yes')
-        stored_location_for(:geo_redirect)
+        URI(request.referer)
      else
-        request.fullpath
+        URI(request.url)
      end

    # Prevent a 'you are already signed in' message directly after signing:
    # we should never redirect to '/users/sign_in' after signing in successfully.
-    unless redirect_path == new_user_session_path
-      store_location_for(:redirect, redirect_path)
+    if redirect_uri.path == new_user_session_path
+      redirect_to = root_url
+    elsif Gitlab::Geo.geo_node?(host: redirect_uri.host, port: redirect_uri.port)
+      redirect_to = redirect_url.to_s
    end
+
+    @redirect_to = redirect_to
+    store_location_for(:redirect, redirect_to)
  end

  def authenticate_with_two_factor
@@ -90,11 +88,11 @@ class SessionsController < Devise::SessionsController

  def gitlab_geo_auth
    if !signed_in? && Gitlab::Geo.enabled? && Gitlab::Geo.readonly?
-      # reuse location from :store_redirect_path to share with primary node by shared session
-      store_location_for(:geo_redirect, stored_location_for(:redirect))
+      # share full url with primary node by shared session
+      session[:geo_node_return_to] = @redirect_to

-      login_uri =  URI.join(Gitlab::Geo.primary_node.uri, new_session_path(:user, redirect_to_referer: 'yes'))
-      redirect_to login_uri.to_s
+      login_uri =  URI.join(Gitlab::Geo.primary_node.uri, new_session_path(:user)).to_s
+      redirect_to login_uri
    end
  end


--- a/lib/gitlab/geo.rb
+++ b/lib/gitlab/geo.rb
@@ -17,5 +17,9 @@ module Gitlab
    def self.readonly?
      self.enabled? && !self.current_node.primary?
    end
+
+    def self.geo_node?(host: host, port: port)
+      GeoNode.where(host: host, port: port).exists?
+    end
  end
 end