mirror/outline
1
0
Fork 0
mirror of https://github.com/outline/outline.git synced 2026-05-08 02:50:30 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: Add option as to whether state cookie is considered for team context (#9831)

Browse Source 
* fix: Do not consider host in cookies state unless its a workspace subdomain

* fix: Add option as to whether state cookie is considered in team context
This commit is contained in:
Tom Moor
2025-08-04 19:50:32 -04:00
committed by GitHub
parent 2f418e7c2e
commit 8dc6bcba22
4 changed files with 27 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/utils/passport.ts
+16 -2
View File
@@ -131,10 +131,24 @@ export function getClientFromContext(ctx: Context): Client {
return client === Client.Desktop ? Client.Desktop : Client.Web;
}
export async function getTeamFromContext(ctx: Context) {
type TeamFromContextOptions = {
/**
* Whether to consider the state cookie in the context when determining the team.
* If true, the state cookie will be parsed to determine the host and infer the team
* this should only be used in the authentication process.
*/
includeStateCookie?: boolean;
};
export async function getTeamFromContext(
ctx: Context,
options: TeamFromContextOptions = { includeStateCookie: true }
) {
// "domain" is the domain the user came from when attempting auth
// we use it to infer the team they intend on signing into
const state = ctx.cookies.get("state");
const state = options.includeStateCookie
? ctx.cookies.get("state")
: undefined;
const host = state ? parseState(state).host : ctx.hostname;
const domain = parseDomain(host);