Store the URL that the user has come from in the redirect_uri query param

README.md

@@ -5,19 +5,19 @@ To run locally, run `npm run start-dev`. Make sure you have the following enviro
 
 AWS_ACCESS_KEY_ID
 AWS_SECRET_ACCESS_KEY
-LOGIN_URL
+VAULT_FRONTEND_URL
 LOGGING_URL
 JWT_SECRET
 
 Things to ensure:
 - That the JWT secret is the same as the one used in the original backend
-- The login url doesn't have to be the precise URL, it can just be vault.gov.sg, which will then trigger another redirect
 - logging_url is to note down all the actions done by the user
 
 To deploy, run `npm run build` and manually deploy the zip file to the appropriate env
 
 
 Original readme follows:
+
 # [![Firefox Send](./assets/icon.svg)](https://send.firefox.com/) Firefox Send
 
 [![CircleCI](https://img.shields.io/circleci/project/github/mozilla/send.svg)](https://circleci.com/gh/mozilla/send)

app/ui/header.js

@@ -27,7 +27,9 @@ class Header extends Component {
         : html`
             <a
               class="flex flex-row items-center"
-              href="${this.state.loginUrl || DEFAULTS.LOGIN_URL || '/'}"
+              href="${this.state.vaultFrontendUrl ||
+                window.DEFAULTS.VAULT_FRONTEND_URL ||
+                '/'}"
             >
               <img
                 alt="${this.state.translate('title')}"

server/clientConstants.js

@@ -17,6 +17,6 @@ module.exports = {
     DOWNLOAD_COUNTS: config.download_counts,
     EXPIRE_TIMES_SECONDS: config.expire_times_seconds,
     EXPIRE_SECONDS: config.default_expire_seconds,
-    LOGIN_URL: config.login_url
+    VAULT_FRONTEND_URL: config.vault_frontend_url
   }
 };

server/config.js

@@ -4,10 +4,10 @@ const path = require('path');
 const { randomBytes } = require('crypto');
 
 const conf = convict({
-  login_url: {
+  vault_frontend_url: {
     format: String,
-    default: 'http://localhost:8082',
-    env: 'LOGIN_URL'
+    default: 'http://localhost:1443',
+    env: 'VAULT_FRONTEND_URL'
   },
   s3_bucket: {
     format: String,

server/middleware/auth.js

@@ -75,17 +75,22 @@ module.exports = {
     return next();
   },
   vault: async function(req, res, next) {
+    const redirect_uri = `${
+      config.vault_frontend_url
+    }/login?redirect_uri=${encodeURIComponent(
+      req.protocol + '://' + req.get('host') + req.originalUrl
+    )}`;
     const token = req.cookies.authtoken;
     if (!token) {
       console.log('cookie has no authtoken');
-      return res.redirect(config.login_url);
+      return res.redirect(redirect_uri);
     }
     try {
       jwt.verify(token, config.jwt_secret, { algorithms: ['HS256'] });
       return next();
     } catch (err) {
       console.log('Failed jwt verification:', token);
-      return res.redirect(config.login_url);
+      return res.redirect(redirect_uri);
     }
   }
 };

server/state.js

@@ -34,7 +34,7 @@ module.exports = async function(req) {
     description:
       'Encrypt and send files with a link that automatically expires to ensure your important documents don’t stay on our servers forever.',
     baseUrl: config.base_url,
-    loginUrl: config.login_url,
+    vaultFrontendUrl: config.vault_frontend_url,
     ui: {},
     storage: {
       files: []