(core) Fix session handling when redirected to login when visiting a doc on a team site

Summary:
When redirecting to login, it's important to have a valid session set. This was
done by middleware that only applies to home pages. We need to set session to
live when redirecting in case of doc pages too.

Test Plan: Added a test case for fixed behavior by applying an existing case to doc pages too

Reviewers: paulfitz

Reviewed By: paulfitz

Differential Revision: https://phab.getgrist.com/D2915
This commit is contained in:
Dmitry S 2021-07-15 17:23:15 -04:00
parent 1ce5e98996
commit 6c114ef439

View File

@ -271,6 +271,9 @@ export function redirectToLoginUnconditionally(
) {
return async (req: Request, resp: Response, next: NextFunction) => {
const mreq = req as RequestWithLogin;
// Tell express-session to set our cookie: session handling post-login relies on it.
mreq.session.alive = true;
// Redirect to sign up if it doesn't look like the user has ever logged in (on
// this browser) After logging in, `users` will be set in the session. Even after
// logging out again, `users` will still be set.