diff --git a/backend/controllers/shared/authenticate.js b/backend/controllers/shared/authenticate.js
index 220de7b0..ab91f07d 100644
--- a/backend/controllers/shared/authenticate.js
+++ b/backend/controllers/shared/authenticate.js
@@ -53,8 +53,7 @@ export const authenticateUser = (req, res, next) => {
 res.status(406).json({ message: 'SSO Authentication Error', error: 'Login with Password is not allowed with SSO.' });
 }
 else if (req.body.authenticateWith === 'PASSWORD') {
- const cookieValue = common.readCookie();
- if (cookieValue.trim().length >= 32 && crypto.timingSafeEqual(Buffer.from(crypto.createHash('sha256').update(cookieValue).digest('hex'), 'utf-8'), Buffer.from(req.body.authenticationValue, 'utf-8'))) {
+ if (common.cookie_value.trim().length >= 32 && crypto.timingSafeEqual(Buffer.from(crypto.createHash('sha256').update(common.cookie_value).digest('hex'), 'utf-8'), Buffer.from(req.body.authenticationValue, 'utf-8'))) {
 common.refreshCookie();
 if (!req.session.selectedNode) {
 req.session.selectedNode = common.initSelectedNode;
diff --git a/backend/utils/common.js b/backend/utils/common.js
index 3d10bf0a..17f30446 100644
--- a/backend/utils/common.js
+++ b/backend/utils/common.js
@@ -18,6 +18,7 @@ export class CommonService {
 this.rtl_sso = 0;
 this.rtl_cookie_path = '';
 this.logout_redirect_link = '';
+ this.cookie_value = '';
 this.api_version = '';
 this.secret_key = crypto.randomBytes(64).toString('hex');
 this.read_dummy_data = false;
@@ -282,7 +283,7 @@ export class CommonService {
 const exists = fs.existsSync(this.rtl_cookie_path);
 if (exists) {
 try {
- return fs.readFileSync(this.rtl_cookie_path, 'utf-8');
+ this.cookie_value = fs.readFileSync(this.rtl_cookie_path, 'utf-8');
 }
 catch (err) {
 this.logger.log({ selectedNode: this.initSelectedNode, level: 'ERROR', fileName: 'Config', msg: 'Something went wrong while reading cookie: \n' + err });
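Review bot: `crypto.timingSafeEqual` on the added line in `authenticate.js` still receives `Buffer.from(req.body.authenticationValue, 'utf-8')` unchecked; it throws when the two buffers differ in byte length, and `Buffer.from` throws when the field is missing or not a string. The left side is always the 64-character hex digest, so a request whose `authenticationValue` is not exactly 64 bytes raises instead of taking the failure branch; whether a surrounding handler catches that is not visible, because `authenticateUser` starts and ends outside the hunk. Building the request buffer first with `const supplied = Buffer.from(String(req.body.authenticationValue || ''), 'utf-8');` and guarding with `supplied.length === expected.length && crypto.timingSafeEqual(expected, supplied)` keeps the comparison constant-time and turns malformed input into an ordinary rejected login.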
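Review bot: When `fs.readFileSync` throws in the `@@ -282,7 +283,7 @@` hunk, the `catch` only logs, so `this.cookie_value` keeps whatever it held before, and the caller can no longer tell success from failure now that `readCookie` returns nothing. The same applies to the create-and-read branch in the `@@ -294,7 +295,7 @@` hunk. Setting `this.cookie_value = '';` at the top of each `catch` would make a failed read fail closed against the `length >= 32` check in `authenticate.js`, instead of leaving an earlier secret acceptable if `readCookie` is ever called again after startup. Any other caller that still uses the return value of `readCookie()` would now get `undefined`; none is visible in this diff, so that is worth a search. The enclosing function begins and ends outside the hunk.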
@@ -294,7 +295,7 @@ export class CommonService {
 const directoryName = dirname(this.rtl_cookie_path);
 this.createDirectory(directoryName);
 fs.writeFileSync(this.rtl_cookie_path, crypto.randomBytes(64).toString('hex'));
- return fs.readFileSync(this.rtl_cookie_path, 'utf-8');
+ this.cookie_value = fs.readFileSync(this.rtl_cookie_path, 'utf-8');
 }
 catch (err) {
 this.logger.log({ selectedNode: this.initSelectedNode, level: 'ERROR', fileName: 'Config', msg: 'Something went wrong while reading the cookie: \n' + err });
@@ -305,6 +306,7 @@ export class CommonService {
 this.refreshCookie = () => {
 try {
 fs.writeFileSync(this.rtl_cookie_path, crypto.randomBytes(64).toString('hex'));
+ this.cookie_value = fs.readFileSync(this.rtl_cookie_path, 'utf-8');
 }
 catch (err) {
 this.logger.log({ selectedNode: this.initSelectedNode, level: 'ERROR', fileName: 'Common', msg: 'Something went wrong while refreshing cookie', error: err });
diff --git a/backend/utils/config.js b/backend/utils/config.js
index dd96e6c5..4d690fdf 100644
--- a/backend/utils/config.js
+++ b/backend/utils/config.js
@@ -307,8 +307,13 @@ export class ConfigService {
 else if (config.SSO && config.SSO.logoutRedirectLink) {
 this.common.logout_redirect_link = config.SSO.logoutRedirectLink;
 }
- if (+this.common.rtl_sso && (!this.common.rtl_cookie_path || this.common.rtl_cookie_path.trim() === '')) {
- this.errMsg = 'Please set rtlCookiePath value for single sign on option!';
+ if (+this.common.rtl_sso) {
+ if (!this.common.rtl_cookie_path || this.common.rtl_cookie_path.trim() === '') {
+ this.errMsg = 'Please set rtlCookiePath value for single sign on option!';
+ }
+ else {
+ this.common.readCookie();
+ }
 }
 };
 this.setSelectedNode = (config) => {
diff --git a/frontend/index.html b/frontend/index.html
index 1242ccad..1d10de86 100644
--- a/frontend/index.html
+++ b/frontend/index.html
@@ -13,6 +13,6 @@
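Review bot: The read-back added to `refreshCookie` makes rotation depend on two file operations succeeding: if `writeFileSync` throws, the cookie that was just presented stays in `cookie_value` and is still accepted, and if only the re-read throws, the file holds a new secret while memory holds the old one. Generating the value once and assigning it avoids the second read: `const next = crypto.randomBytes(64).toString('hex');`, `fs.writeFileSync(this.rtl_cookie_path, next);`, `this.cookie_value = next;`. Clearing `this.cookie_value` in the `catch` would keep a failed rotation from leaving a used cookie valid, at the cost of blocking cookie logins until the file can be written again. The create branch in the `@@ -294,7 +295,7 @@` hunk follows the same write-then-read pattern.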
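Review bot: The new `else` branch in `config.js` calls `this.common.readCookie()` but never checks the outcome, and `readCookie` only logs on failure, so an unreadable or unwritable `rtlCookiePath` leaves `cookie_value` empty without setting `errMsg`. Every cookie login would then be rejected by the `length >= 32` check in `authenticate.js`, with only an ERROR log line as explanation. Following the call with a check such as `if (this.common.cookie_value.trim().length < 32) { this.errMsg = 'Unable to read or create the SSO cookie at rtlCookiePath!'; }` would surface the misconfiguration when the config is loaded (the message text is a suggestion). Because the cookie is now loaded once here, a comment stating that later external changes to the cookie file are not picked up until `refreshCookie` runs would also help the next maintainer. The enclosing function starts outside the hunk.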