Comments (8)
dziraf
commented on July 26, 2024
1
I'll try to fix this ASAP (probably tomorrow). If this is critical for you, you can in the meantime create an express middleware to protect your admin router
from adminjs-expressjs.
dklymenk
commented on July 26, 2024
1
Everything seems to be working correctly now.
Thank you for the fix. And thank you for this project.
from adminjs-expressjs.
dziraf
commented on July 26, 2024
1
You're welcome. Just leaving one extra note for if you want to extend AdminJS router with extra endpoints in the future.
Currently, if you added a custom endpoint, the middleware would return a redirect to the loginPath. If you want to add custom routes, you might have to modify your setup a bit. In my case I have a /refresh endpoint for refreshing a session with external API service. In order to make it work but also have access to user's session I have to create express router manually and pass it to buildAuthenticatedRouter:
const ConnectSession = ConnectPgSimple(session);
const sessionStore = new ConnectSession({
conObject: {
database: config.db.database,
host: config.db.host,
port: config.db.port,
user: config.db.username,
password: config.db.password,
ssl: config.db.ssl,
},
tableName: 'session',
});
const sessionOptions = {
store: sessionStore,
cookie: {
httpOnly: config.session.httpOnly,
secure: config.session.secure,
},
saveUninitialized: config.session.saveUninitialized,
resave: config.session.resave,
unset: config.session.unset,
secret: config.session.cookiePassword,
name: config.session.cookieName,
};
const router = express.Router();
router.use(session(sessionOptions));
router.get('/refresh', refresh);
AdminJSExpress.buildAuthenticatedRouter(adminJs as any, {
cookieName: config.session.cookieName,
cookiePassword: config.session.cookiePassword,
authenticate,
}, router, sessionOptions);
app.use(adminOptions.rootPath ?? '/admin', router);
from adminjs-expressjs.
dklymenk
commented on July 26, 2024
I am not sure if I am doing something wrong, but I have updated to 4.1.1 and now applying any query param via UI (sort or filter by field) throws this alert and logs me out.
Must be a regression from #81 .
from adminjs-expressjs.
dziraf
commented on July 26, 2024
@dklymenk can you show how your url is structured? I've just retested and http://localhost:3000/resources/cases?filters.sex=male&page=1 works for me
from adminjs-expressjs.
dklymenk
commented on July 26, 2024
Example URL I get when clicking on description field: http://localhost:3000/admin/resources/Report?direction=asc&sortBy=description
Example URL I get when applying a filter: http://localhost:3000/admin/resources/Report?filters.status=UPLOADED&page=1
from adminjs-expressjs.
dklymenk
commented on July 26, 2024
Yeah, it seems not to be the case if set rootPath to /. Only when I set it back to /admin I get this behaviour.
from adminjs-expressjs.
dziraf
commented on July 26, 2024
I've just released another version and added an additional unit test for a different root path, can you take a look?
from adminjs-expressjs.
Related Issues (20)
- Logging in no longer redirects to previous page
- TypeError: AdminJSExpress.buildAuthenticatedRouter is not a function HOT 3
- Changing the root path breaks login redirect HOT 2
- Redirect to previously visited page after login HOT 2
- There is no documentation or way how to redirect to custom Login page HOT 1
- rootPath as slash causes endless redirect loop HOT 1
- Option to use cookie-session. HOT 1
- Unable to use nestjs and admin-bro in the same app due to body-parser and formidable. HOT 2
- Don't redirect using POST on login HOT 2
- Boot timeout - Deploy to Heroku HOT 1
- Express issue + improvement HOT 3
- missing tslib dependency
- buildAuthenticatedRouter not working correctly in 4.0.2 HOT 1
- Typescript import does not work as intended HOT 1
- Library not working with @4.1.0 for some reason HOT 1
- express-session deprecated undefined resave option & undefined saveUninitialized option. HOT 3
- Trailing slash on rootPath not taken into account by authentication
- express-session deprecated pass resave option HOT 1
- If `auth.authenticate` throws error whole app crashes
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from adminjs-expressjs.