Redirect to original url after account creation

Author: dmitrizagidulin

lib/api/accounts/user-accounts.js

@@ -31,33 +31,6 @@ function checkAccountExists (accountManager) {
   }
 }
 
-/**
- * Returns an Express middleware handler for creating a new user account
- * (POST /api/accounts/new).
- *
- * @param accountManager {AccountManager}
- *
- * @return {Function}
- */
-function createAccount (accountManager) {
-  return (req, res, next) => {
-    let request
-
-    try {
-      request = CreateAccountRequest.fromParams(req, res, accountManager)
-    } catch (err) {
-      err.status = err.status || 400
-      return next(err)
-    }
-
-    return request.createAccount()
-      .catch(err => {
-        err.status = err.status || 400
-        next(err)
-      })
-  }
-}
-
 /**
  * Returns an Express middleware handler for intercepting any GET requests
  * for first time users (in single user mode), and redirecting them to the
@@ -132,7 +105,8 @@ function middleware (accountManager) {
       })
   }
 
-  router.post('/api/accounts/new', bodyParser, createAccount(accountManager))
+  router.post('/api/accounts/new', bodyParser, CreateAccountRequest.post)
+  router.get(['/register', '/api/accounts/new'], CreateAccountRequest.get)
 
   router.post('/api/accounts/cert', bodyParser, newCertificate(accountManager))
 
@@ -142,7 +116,6 @@ function middleware (accountManager) {
 module.exports = {
   middleware,
   checkAccountExists,
-  createAccount,
   firstTimeSignupRedirect,
   newCertificate
 }

lib/api/authn/webid-oidc.js

@@ -6,7 +6,6 @@
 const express = require('express')
 const debug = require('../../debug')
 const util = require('../../utils')
-const url = require('url')
 const error = require('../../http-error')
 const bodyParser = require('body-parser').urlencoded({ extended: false })
 
@@ -44,11 +43,6 @@ function middleware (oidc) {
   router.get(['/login', '/signin'], LoginByPasswordRequest.get)
   router.post(['/login', '/signin'], bodyParser, LoginByPasswordRequest.post)
 
-  router.get('/register', (req, res) => {
-    let params = Object.assign({}, req.query, { authParams: url.parse(req.url).query })
-    res.render('account/register', params)
-  })
-
   router.get('/goodbye', (req, res) => {
     res.render('auth/goodbye')
   })

lib/requests/create-account-request.js

@@ -4,8 +4,8 @@ const WebIdTlsCertificate = require('../models/webid-tls-certificate')
 const debug = require('../debug').accounts
 
 /**
- * Represents a 'create new user account' http request (a POST to the
- * `/accounts/api/new` endpoint).
+ * Represents a 'create new user account' http request (either a POST to the
+ * `/accounts/api/new` endpoint, or a GET to `/register`).
  *
  * Intended just for browser-based requests; to create new user accounts from
  * a command line, use the `AccountManager` class directly.
@@ -23,12 +23,15 @@ class CreateAccountRequest {
    * @param [options.userAccount] {UserAccount}
    * @param [options.session] {Session} e.g. req.session
    * @param [options.response] {HttpResponse}
+   * @param [options.returnToUrl] {string} If present, redirect the agent to
+   *   this url on successful account creation
    */
   constructor (options) {
     this.accountManager = options.accountManager
     this.userAccount = options.userAccount
     this.session = options.session
     this.response = options.response
+    this.returnToUrl = options.returnToUrl
   }
 
   /**
@@ -37,33 +40,35 @@ class CreateAccountRequest {
    *
    * @param req
    * @param res
-   * @param accountManager {AccountManager}
    *
    * @throws {Error} If required parameters are missing (via
    *   `userAccountFrom()`), or it encounters an unsupported authentication
    *   scheme.
    *
    * @return {CreateAccountRequest|CreateTlsAccountRequest}
    */
-  static fromParams (req, res, accountManager) {
-    if (!req.app || !req.app.locals) {
-      throw new Error('Missing req.app.local params')
+  static fromParams (req, res) {
+    if (!req.body.username) {
+      throw new Error('Username required to create an account')
     }
 
-    let authMethod = req.app.locals.authMethod
+    let locals = req.app.locals
+    let accountManager = locals.accountManager
+    let authMethod = locals.authMethod
+    let returnToUrl = CreateAccountRequest.parseReturnUrl(req)
     let userAccount = accountManager.userAccountFrom(req.body)
 
     let options = {
       accountManager,
       userAccount,
       session: req.session,
-      response: res
+      response: res,
+      returnToUrl
     }
 
     switch (authMethod) {
       case 'oidc':
         options.password = req.body.password
-        let locals = req.app.locals
         options.userStore = locals.oidc.users
         return new CreateOidcAccountRequest(options)
       case 'tls':
@@ -74,6 +79,48 @@ class CreateAccountRequest {
     }
   }
 
+  static renderView (response, returnToUrl, error) {
+    let params = { returnToUrl }
+
+    if (error) {
+      response.status(error.statusCode || 400)
+      params.error = error.message
+    }
+
+    response.render('account/register', params)
+  }
+
+  static parseReturnUrl (req) {
+    let body = req.body || {}
+    if (body.returnToUrl) { return req.body.returnToUrl }
+
+    if (req.query && req.query.returnToUrl) { return req.query.returnToUrl }
+
+    return null
+  }
+
+  static post (req, res) {
+    let request
+    let returnToUrl = req.body.returnToUrl
+
+    try {
+      request = CreateAccountRequest.fromParams(req, res)
+    } catch (error) {
+      return CreateAccountRequest.renderView(res, returnToUrl, error)
+    }
+
+    return request.createAccount()
+      .catch(error => {
+        CreateAccountRequest.renderView(res, returnToUrl, error)
+      })
+  }
+
+  static get (req, res) {
+    let returnToUrl = req.query.returnToUrl
+
+    CreateAccountRequest.renderView(res, returnToUrl)
+  }
+
   /**
    * Creates an account for a given user (from a POST to `/api/accounts/new`)
    *
@@ -150,11 +197,6 @@ class CreateAccountRequest {
       })
   }
 
-  error (error) {
-    // Default error handler, to be overriden in subclasses
-    throw error
-  }
-
   /**
    * Initializes the session with the newly created user's credentials
    *
@@ -200,13 +242,6 @@ class CreateOidcAccountRequest extends CreateAccountRequest {
     this.userStore = options.userStore
   }
 
-  error (error) {
-    let res = this.response
-    let params = Object.assign({}, this.authQueryParams, { error: error.message })
-    res.statusCode(error.statusCode || 400)
-    res.render('auth/login', params)
-  }
-
   /**
    * Generate salted password hash, etc.
    *
@@ -223,8 +258,9 @@ class CreateOidcAccountRequest extends CreateAccountRequest {
   }
 
   sendResponse (userAccount) {
-    let res = this.response
-    res.sendStatus(201)
+    let redirectUrl = this.returnToUrl ||
+      this.accountManager.accountUriFor(userAccount.username)
+    this.response.redirect(redirectUrl)
   }
 }
 

test/integration/account-creation-oidc.js

@@ -90,7 +90,7 @@ describe('AccountManager (OIDC account creation tests)', function () {
       var subdomain = supertest('https://nicola.' + host)
       subdomain.post('/api/accounts/new')
         .send('username=nicola&password=12345')
-        .expect(201)
+        .expect(302)
         .end((err, res) => {
           if (err) {
             return done(err)
@@ -102,13 +102,13 @@ describe('AccountManager (OIDC account creation tests)', function () {
               done(err)
             })
         })
-    }).timeout(20000)
+    })
 
     it('should create the default folders', function (done) {
       var subdomain = supertest('https://nicola.' + host)
       subdomain.post('/api/accounts/new')
         .send('username=nicola&password=12345')
-        .expect(201)
+        .expect(302)
         .end(function (err) {
           if (err) {
             return done(err)
@@ -139,7 +139,7 @@ describe('AccountManager (OIDC account creation tests)', function () {
       var subdomain = supertest('https://nicola.' + host)
       subdomain.post('/api/accounts/new')
         .send('username=nicola&password=12345')
-        .expect(201)
+        .expect(302)
         .end(function (err) {
           if (err) {
             return done(err)

test/unit/add-cert-request.js

@@ -111,7 +111,7 @@ describe('AddCertificateRequest', () => {
           expect(graph.anyStatementMatching(key, ns.cert('exponent')))
             .to.exist
         })
-    })
+    }).timeout(3000)
   })
 })