redirect to admin login page when forward fails

mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-09-11 03:05:58 +03:00

currently, if the admin guard fails the user will get a 404 page.
and when the session times out after 20 minutes post methods will
give the reason "undefined" as a response while generating the support
string will fail without any user feedback.

this commit changes the error handling on admin pages

* by removing the reliance on Rockets forwarding and making the login
  page an explicit route that can be redirected to from all admin pages

* by removing the obsolete and mostly unused Referer struct we can
  redirect the user back to the requested admin page directley

* by providing an error message for json requests the
  `get_diagnostics_config` and all post methods can return a more
  comprehensible message and the user can be alerted

* the `admin_url()` function can be simplified because rfc2616 has been
  obsoleted by rfc7231 in 2014 (and also by the recently released
  rfc9110) which allows relative urls in the Location header.

  c.f. https://www.rfc-editor.org/rfc/rfc7231#section-7.1.2 and
  https://www.rfc-editor.org/rfc/rfc9110#section-10.2.2

This commit is contained in:

Stefan Melmuk

2022-11-27 00:00:01 +01:00

parent f3beaea9e9

commit fa7dbedd5d

4 changed files with 55 additions and 55 deletions

									
										1

src/api/mod.rs
									
												View File
												
				@@ -9,6 +9,7 @@ use rocket::serde::json::Json;

				use serde_json::Value;

				pub use crate::api::{

				    admin::catchers as admin_catchers,

				    admin::routes as admin_routes,

				    core::catchers as core_catchers,

				    core::purge_sends,

redirect to admin login page when forward fails

1 src/api/mod.rs Unescape Escape View File

1

src/api/mod.rs

View File