feat: restrict redirectUrls for CAS login (#2118)

* feat: support cas restricted login * feat: add cas login i18n * feat: add CheckCasService for all cas api * feat: gofumpt * feat: replace 404 * feat: reuse i18n * feat: delete CheckCasService * Update token_cas.go * Update LoginPage.js * Update token_cas.go --------- Co-authored-by: hsluoyz <hsluoyz@qq.com>
2025-07-02 11:20:18 +08:00 · 2023-07-24 11:47:31 +08:00
parent 8669d5bb0d
commit b7a37126ad
4 changed files with 29 additions and 6 deletions
--- a/controllers/organization.go
+++ b/controllers/organization.go
@ -183,6 +183,8 @@ func (c *ApiController) DeleteOrganization() {
 func (c *ApiController) GetDefaultApplication() {
 	userId := c.GetSessionUsername()
 	id := c.Input().Get("id")
+	redirectUri := c.Input().Get("redirectUri")
+	typ := c.Input().Get("type")

 	application, err := object.GetDefaultApplication(id)
 	if err != nil {
@ -190,6 +192,14 @@ func (c *ApiController) GetDefaultApplication() {
 		return
 	}

+	if typ == "cas" {
+		err = object.CheckCasRestrict(application, c.GetAcceptLanguage(), redirectUri)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+	}
+
 	maskedApplication := object.GetMaskedApplication(application, userId)
 	c.ResponseOk(maskedApplication)
 }