diff --git a/services/auth/server/boot/routes.js b/services/auth/server/boot/routes.js
index 39864da206..00165863dc 100644
--- a/services/auth/server/boot/routes.js
+++ b/services/auth/server/boot/routes.js
@@ -10,10 +10,11 @@ module.exports = function(app) {
 });
 app.post('/login', function(req, res) {
- let user = req.body.user ? req.body.user : "";
- let password = req.body.password;
+ let body = req.body;
+ let user = body.user;
+ let password = body.password;
 let syncOnFail = true;
- let usesEmail = user.indexOf('@') !== -1;
+ let usesEmail = user && user.indexOf('@') !== -1;
 login();
@@ -38,26 +39,23 @@ module.exports = function(app) {
 return;
 }
- let parsedLocation;
 let loginUrl;
- let shouldContinue = false;
+ let continueUrl;
- if (req.body.location)
- parsedLocation = url.parse(req.body.location, true);
-
- if (parsedLocation && parsedLocation.query) {
- loginUrl = applications[parsedLocation.query.apiKey];
- shouldContinue = parsedLocation.query.continue;
- }
-
+ try {
+ let query = url.parse(req.body.location, true).query;
+ loginUrl = applications[query.apiKey];
+ continueUrl = query.continue;
+ } catch (e) {}
+
 if (!loginUrl)
 loginUrl = applications.default;
- res.json({
+ res.send(JSON.stringify({
 token: token.id,
- continue: shouldContinue,
+ continue: continueUrl,
 loginUrl: loginUrl
- });
+ }));
 }
 function findCb(err, instance) {
 if (!instance || instance.password !== md5(password)) {
@@ -78,9 +76,9 @@ module.exports = function(app) {
 }
 function badLogin() {
 res.status(401);
- res.json({
+ res.send(JSON.stringify({
 message: 'Login failed'
- });
+ }));
 }
 });
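Review bot: In the `@@ -10,10 +10,11 @@` hunk, `user` and `password` are read from `body` with no type check and the old `""` default is gone, so a JSON body can deliver a number, array or object; `user && user.indexOf('@')` then throws on a truthy non-string such as a number, and whatever `login()` hands to the user lookup receives the raw value. I would reject non-strings before `login()` runs, e.g. `if (typeof user !== 'string' || typeof password !== 'string') return badLogin();` (`badLogin()` appears to be declared in the same handler, in the last hunk). `body` itself can be undefined if no body parser ran for the request, which makes `body.user` throw. The handler continues outside the hunk, so how `login()` uses these values is not visible here.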
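Review bot: Replacing `res.json({...})` with `res.send(JSON.stringify({...}))` in the `@@ -38,26 +39,23 @@` hunk drops the `application/json` Content-Type: Express labels a string body as `text/html` unless the type is set elsewhere, and this body now carries `continueUrl`, which is copied unescaped from the `continue` parameter of the request-supplied `location`. Keep `res.json(...)` here and in `badLogin()` in the last hunk, or call `res.type('json')` before sending. `continueUrl` also needs validating before it is returned (a relative path or an allowlisted origin), since the rename suggests the client navigates to it. `applications[query.apiKey]` should be guarded with `Object.prototype.hasOwnProperty.call(applications, query.apiKey)` so inherited keys such as `constructor` cannot yield a truthy non-URL `loginUrl`, and the empty `catch (e) {}` should be limited to the missing-`location` case instead of hiding every error. Separately, the context line in `findCb` compares against `md5(password)`, an unsalted fast hash that is worth replacing with a salted password hash in a follow-up.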