Merge pull request #155 from clems4ever/block-logged-in-page
Block 'already logged in' page to unauthenticated userpull/157/head
commit
35b66ba630
|
@ -1,8 +1,13 @@
|
||||||
import Express = require("express");
|
import Express = require("express");
|
||||||
import Endpoints = require("../../../../../shared/api");
|
import Endpoints = require("../../../../../shared/api");
|
||||||
|
import FirstFactorBlocker from "../FirstFactorBlocker";
|
||||||
|
import BluebirdPromise = require("bluebird");
|
||||||
|
|
||||||
export default function(req: Express.Request, res: Express.Response) {
|
export default FirstFactorBlocker(handler);
|
||||||
|
|
||||||
|
function handler(req: Express.Request, res: Express.Response): BluebirdPromise<void> {
|
||||||
res.render("already-logged-in", {
|
res.render("already-logged-in", {
|
||||||
logout_endpoint: Endpoints.LOGOUT_GET
|
logout_endpoint: Endpoints.LOGOUT_GET
|
||||||
});
|
});
|
||||||
|
return BluebirdPromise.resolve();
|
||||||
}
|
}
|
|
@ -173,6 +173,10 @@ describe("Private pages of the server must not be accessible without session", f
|
||||||
it("should block " + Endpoints.SECOND_FACTOR_TOTP_POST, function () {
|
it("should block " + Endpoints.SECOND_FACTOR_TOTP_POST, function () {
|
||||||
return should_post_and_reply_with_401(BASE_URL + Endpoints.SECOND_FACTOR_TOTP_POST);
|
return should_post_and_reply_with_401(BASE_URL + Endpoints.SECOND_FACTOR_TOTP_POST);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it("should block " + Endpoints.LOGGED_IN, function () {
|
||||||
|
return should_get_and_reply_with_401(BASE_URL + Endpoints.LOGGED_IN);
|
||||||
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue