From 38f89cb1441376da77b35b08158db9405aad738b Mon Sep 17 00:00:00 2001 From: Joram Wilander Date: Fri, 6 Jan 2017 09:00:21 -0500 Subject: Fix MFA enforcement redirect loop (#4991) --- webapp/routes/route_root.jsx | 25 +++---------------------- webapp/routes/route_team.jsx | 5 +++++ webapp/routes/route_utils.jsx | 26 ++++++++++++++++++++++++++ 3 files changed, 34 insertions(+), 22 deletions(-) (limited to 'webapp/routes') diff --git a/webapp/routes/route_root.jsx b/webapp/routes/route_root.jsx index f72e35302..cd0cb9a5d 100644 --- a/webapp/routes/route_root.jsx +++ b/webapp/routes/route_root.jsx @@ -13,7 +13,6 @@ import helpRoute from 'routes/route_help.jsx'; import BrowserStore from 'stores/browser_store.jsx'; import ErrorStore from 'stores/error_store.jsx'; -import UserStore from 'stores/user_store.jsx'; import * as UserAgent from 'utils/user_agent.jsx'; import {browserHistory} from 'react-router/es6'; @@ -31,28 +30,10 @@ function preLogin(nextState, replace, callback) { callback(); } -const mfaPaths = [ - '/mfa/setup', - '/mfa/confirm' -]; - -const mfaAuthServices = [ - '', - 'email', - 'ldap' -]; - function preLoggedIn(nextState, replace, callback) { - if (window.mm_license.MFA === 'true' && - window.mm_config.EnableMultifactorAuthentication === 'true' && - window.mm_config.EnforceMultifactorAuthentication === 'true' && - mfaPaths.indexOf(nextState.location.pathname) === -1) { - const user = UserStore.getCurrentUser(); - if (user && !user.mfa_active && - mfaAuthServices.indexOf(user.auth_service) !== -1) { - browserHistory.push('/mfa/setup'); - return; - } + if (RouteUtils.checkIfMFARequired(nextState)) { + browserHistory.push('/mfa/setup'); + return; } ErrorStore.clearLastError(); diff --git a/webapp/routes/route_team.jsx b/webapp/routes/route_team.jsx index 8416b91c0..4cc85c81b 100644 --- a/webapp/routes/route_team.jsx +++ b/webapp/routes/route_team.jsx @@ -61,6 +61,11 @@ function doChannelChange(state, replace, callback) { } function preNeedsTeam(nextState, replace, callback) { + if (RouteUtils.checkIfMFARequired(nextState)) { + browserHistory.push('/mfa/setup'); + return; + } + // First check to make sure you're in the current team // for the current url. const teamName = nextState.params.team; diff --git a/webapp/routes/route_utils.jsx b/webapp/routes/route_utils.jsx index f3a159cbc..f36d7bcd8 100644 --- a/webapp/routes/route_utils.jsx +++ b/webapp/routes/route_utils.jsx @@ -2,6 +2,7 @@ // See License.txt for license information. import * as Utils from 'utils/utils.jsx'; +import UserStore from 'stores/user_store.jsx'; export function importComponentSuccess(callback) { return (comp) => callback(null, comp.default); @@ -18,3 +19,28 @@ export const notFoundParams = { linkmessage: Utils.localizeMessage('error.not_found.link_message', 'Back to Mattermost') }; +const mfaPaths = [ + '/mfa/setup', + '/mfa/confirm' +]; + +const mfaAuthServices = [ + '', + 'email', + 'ldap' +]; + +export function checkIfMFARequired(state) { + if (window.mm_license.MFA === 'true' && + window.mm_config.EnableMultifactorAuthentication === 'true' && + window.mm_config.EnforceMultifactorAuthentication === 'true' && + mfaPaths.indexOf(state.location.pathname) === -1) { + const user = UserStore.getCurrentUser(); + if (user && !user.mfa_active && + mfaAuthServices.indexOf(user.auth_service) !== -1) { + return true; + } + } + + return false; +} -- cgit v1.2.3-1-g7c22