configure sso in nginx

3 years ago · 960033525d
parent 8868aec0dc
commit 960033525d
6 changed files with 9 additions and 37 deletions
--- a/core/admin/mailu/sso/init.py
+++ b/core/admin/mailu/sso/init.py
@ -1,6 +1,5 @@
 from flask import Blueprint

-
 sso = Blueprint('sso', __name__, static_folder='static', template_folder='templates')

 from mailu.sso.views import *
--- a/core/admin/mailu/sso/views/init.py
+++ b/core/admin/mailu/sso/views/init.py
@ -1,3 +1,3 @@
 __all__ = [
-    'base', 'hello'
+    'base'
 ]
--- a/core/admin/mailu/sso/views/hello.py
+++ b/core/admin/mailu/sso/views/hello.py
@ -1,6 +0,0 @@
-from mailu.sso import sso
-from flask import current_app as app
-
-@sso.route("/")
-def hello_world():
-    return "<p>Hello, World!</p>"
--- a/core/admin/mailu/ui/forms.py
+++ b/core/admin/mailu/ui/forms.py
@ -44,15 +44,6 @@ class MultipleEmailAddressesVerify(object):
 class ConfirmationForm(flask_wtf.FlaskForm):
    submit = fields.SubmitField(_('Confirm'))

-"""
-class LoginForm(flask_wtf.FlaskForm):
-    class Meta:
-        csrf = False
-    email = fields.StringField(_('E-mail'), [validators.Email()])
-    pw = fields.PasswordField(_('Password'), [validators.DataRequired()])
-    submit = fields.SubmitField(_('Sign in'))
-"""
-
 class DomainForm(flask_wtf.FlaskForm):
    name = fields.StringField(_('Domain name'), [validators.DataRequired()])
    max_users = fields_.IntegerField(_('Maximum user count'), [validators.NumberRange(min=-1)], default=10)
--- a/core/admin/mailu/ui/views/base.py
+++ b/core/admin/mailu/ui/views/base.py
@ -11,24 +11,6 @@ import flask_login
 def index():
    return flask.redirect(flask.url_for('.user_settings'))

-
-""" 
-@ui.route('/login', methods=['GET', 'POST'])
-def login():
-    form = forms.LoginForm()
-    if form.validate_on_submit():
-        user = models.User.login(form.email.data, form.pw.data)
-        if user:
-            flask.session.regenerate()
-            flask_login.login_user(user)
-            endpoint = flask.request.args.get('next', '.index')
-            return flask.redirect(flask.url_for(endpoint)
-                or flask.url_for('.index'))
-        else:
-            flask.flash('Wrong e-mail or password', 'error')
-    return flask.render_template('login.html', form=form)
-"""
-
@ui.route('/logout', methods=['GET'])
@access.authenticated
 def logout():
--- a/core/nginx/conf/nginx.conf
+++ b/core/nginx/conf/nginx.conf
@ -117,10 +117,16 @@ http {
      include /overrides/*.conf;

      # Actual logic
-      location /sso {
+      location ^~ /sso {
        include /etc/nginx/proxy.conf;
        proxy_set_header   Host $host;
-        proxy_pass http://$admin/sso;
+        proxy_pass http://$admin;
+      }
+      location ^~ {{ WEB_ADMIN }}/sso {
+        include /etc/nginx/proxy.conf;
+        rewrite ^{{ WEB_ADMIN }}/(.*)$ /$1 break;
+        proxy_set_header   Host $host;
+        proxy_pass http://$admin;
      }

      {% if WEB_WEBMAIL != '/' and WEBROOT_REDIRECT != 'none' %}