vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-06 03:45:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Redirect to login when session expires

Browse source
This commit is contained in:
emanuele-f 2018-03-27 15:16:30 +02:00
parent e49fe2ec80
commit 3a1728414d
3 changed files with 25 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

25
src/HTTPserver.cpp
View file

@ -382,6 +382,20 @@ static int isCaptiveURL(char *url) {
else
return(0);
}
/* ****************************************** */
static bool isStaticResourceUrl(const struct mg_request_info *request_info, u_int len) {
if((len >= 3 && (!strncmp(&request_info->uri[len - 3], ".js", 3)))
|| (len >= 4 && (!strncmp(&request_info->uri[len - 4], ".css", 4)
|| !strncmp(&request_info->uri[len - 4], ".map", 4)
|| !strncmp(&request_info->uri[len - 4], ".ttf", 4)))
|| (len >= 6 && (!strncmp(&request_info->uri[len - 6], ".woff2", 6))))
return true;
return false;
}
/* ****************************************** */
// Redirect user to the login form. In the cookie, store the original URL
@ -656,11 +670,7 @@ static int handle_lua_request(struct mg_connection *conn) {
whitelisted = isWhitelistedURI(request_info->uri);
authorized = is_authorized(conn, request_info, username, sizeof(username));
if((len >= 3 && (!strncmp(&request_info->uri[len - 3], ".js", 3)))
|| (len >= 4 && (!strncmp(&request_info->uri[len - 4], ".css", 4)
|| !strncmp(&request_info->uri[len - 4], ".map", 4)
|| !strncmp(&request_info->uri[len - 4], ".ttf", 4)))
|| (len >= 6 && (!strncmp(&request_info->uri[len - 6], ".woff2", 6))))
if(isStaticResourceUrl(request_info, len))
;
else if((!whitelisted) && (!authorized)) {
if(conn->client.lsa.sin.sin_port == ntop->get_HTTPserver()->getSplashPort())
@ -669,7 +679,10 @@ static int handle_lua_request(struct mg_connection *conn) {
"Location: %s%s?referer=%s\r\n\r\n",
ntop->getPrefs()->get_http_prefix(), BANNED_SITE_URL,
mg_get_header(conn, "Host"));
else
else if(strcmp(request_info->uri, NETWORK_LOAD_URL) == 0) {
// avoid sending login redirect to allow js itself to redirect the user
return(send_error(conn, 403 /* Forbidden */, request_info->uri, "Login Required"));
} else
redirect_to_login(conn, request_info, mg_get_header(conn, "Host") ?
mg_get_header(conn, "Host"): (char*)"");