11import { buildInfo } from "api/queries/buildInfo" ;
2- import { regions } from "api/queries/regions" ;
2+ // import { regions } from "api/queries/regions";
33import { authMethods } from "api/queries/users" ;
44import { useAuthContext } from "contexts/auth/AuthProvider" ;
55import { useEmbeddedMetadata } from "hooks/useEmbeddedMetadata" ;
@@ -29,20 +29,18 @@ export const LoginPage: FC = () => {
2929 const navigate = useNavigate ( ) ;
3030 const { metadata } = useEmbeddedMetadata ( ) ;
3131 const buildInfoQuery = useQuery ( buildInfo ( metadata [ "build-info" ] ) ) ;
32- const regionsQuery = useQuery ( regions ( metadata . regions ) ) ;
33- const [ redirectError , setRedirectError ] = useState < Error | null > ( null ) ;
3432 let redirectUrl : URL | null = null ;
3533 try {
3634 redirectUrl = new URL ( redirectTo ) ;
3735 } catch {
3836 // Do nothing
3937 }
4038
41- const isApiRoute = redirectTo . startsWith ( "/api/v2" ) ;
42- const isLocalRedirect =
39+ const isApiRouteRedirect = redirectTo . startsWith ( "/api/v2" ) ;
40+ const isReactRedirect =
4341 ( ! redirectUrl ||
4442 ( redirectUrl && redirectUrl . host === window . location . host ) ) &&
45- ! isApiRoute ;
43+ ! isApiRouteRedirect ;
4644
4745 useEffect ( ( ) => {
4846 if ( ! buildInfoQuery . data || isSignedIn ) {
@@ -56,51 +54,12 @@ export const LoginPage: FC = () => {
5654 } ) ;
5755 } , [ isSignedIn , buildInfoQuery . data , user ?. id ] ) ;
5856
59- useEffect ( ( ) => {
60- if ( ! isSignedIn || ! regionsQuery . data || isLocalRedirect ) {
61- return ;
62- }
63-
64- const regions = regionsQuery . data . regions ;
65- // Process path app urls. They're in the form of https://dev.coder.com/test
66- const pathUrls = regions
67- ? regions
68- . map ( ( region ) => {
69- try {
70- return new URL ( region . path_app_url ) ;
71- } catch {
72- return null ;
73- }
74- } )
75- . filter ( ( url ) => url !== null )
76- : [ ] ;
77- // Process wildcard hostnames. They're in the form of `*.apps.dev.coder.com`.
78- const wildcardHostnames = regions
79- ? regions
80- . map ( ( region ) => region . wildcard_hostname )
81- . filter ( ( hostname ) => hostname !== "" )
82- // remove the leading '*' from the hostname
83- . map ( ( hostname ) => hostname . slice ( 1 ) )
84- : [ ] ;
85-
86- // Ensure the redirect url matches one of the allowed options.
87- const allowed =
88- // For path URLs ensure just the hosts match.
89- pathUrls . some ( ( url ) => url . host === window . location . host ) ||
90- // For wildcards, ensure just the suffixes match.
91- wildcardHostnames . some ( ( wildcard ) => redirectTo . endsWith ( wildcard ) ) ||
92- // API routes need to be manually set with href, since react's
93- // navigate will keep us within the SPA.
94- isApiRoute ;
95-
96- if ( allowed ) {
97- window . location . href = redirectTo ;
98- } else {
99- setRedirectError ( new Error ( "invalid redirect url" ) ) ;
100- }
101- } , [ isSignedIn , regionsQuery . data , redirectTo , isLocalRedirect , isApiRoute ] ) ;
102-
103- if ( isSignedIn && isLocalRedirect ) {
57+ if ( isSignedIn && ! isReactRedirect ) {
58+ const sanitizedUrl = new URL ( redirectTo , window . location . origin ) ;
59+ window . location . href = sanitizedUrl . pathname + sanitizedUrl . search ;
60+ return null ;
61+ }
62+ if ( isSignedIn && isReactRedirect ) {
10463 return (
10564 < Navigate to = { redirectUrl ? redirectUrl . pathname : redirectTo } replace />
10665 ) ;
@@ -117,10 +76,8 @@ export const LoginPage: FC = () => {
11776 </ Helmet >
11877 < LoginPageView
11978 authMethods = { authMethodsQuery . data }
120- error = { redirectError ?? signInError }
121- isLoading = {
122- isLoading || authMethodsQuery . isLoading || regionsQuery . isLoading
123- }
79+ error = { signInError }
80+ isLoading = { isLoading || authMethodsQuery . isLoading }
12481 buildInfo = { buildInfoQuery . data }
12582 isSigningIn = { isSigningIn }
12683 onSignIn = { async ( { email, password } ) => {
0 commit comments