Merge pull request #3515 from OpenNeuroOrg/orcid-redirect-fix

nellh · web-flow · commit 0d8d13626ef3 · 2025-07-07T12:26:49.000-07:00
Preserve browser location on ORCID logins
diff --git a/packages/openneuro-server/src/libs/authentication/orcid.ts b/packages/openneuro-server/src/libs/authentication/orcid.ts
@@ -4,9 +4,11 @@ import * as Sentry from "@sentry/node"
 import { userMigration } from "./user-migration"
 import User from "../../models/user"
 
-export const requestAuth = passport.authenticate("orcid", {
-  session: false,
-})
+export const requestAuth = (req, res, next) =>
+  passport.authenticate("orcid", {
+    session: false,
+    state: req.query.redirectPath || null,
+  })(req, res, next)
 
 /**
  * Complete a successful login
@@ -30,41 +32,44 @@ export function completeRequestLogin(req, res, next, user) {
 }
 
 export const authCallback = (req, res, next) =>
-  passport.authenticate("orcid", async (err, user) => {
-    if (err) {
-      Sentry.captureException(err)
-      if (err.type) {
-        return res.redirect(`/error/orcid/${err.type}`)
-      } else {
-        return res.redirect("/error/orcid/unknown")
+  passport.authenticate(
+    "orcid",
+    async (err, user) => {
+      if (err) {
+        Sentry.captureException(err)
+        if (err.type) {
+          return res.redirect(`/error/orcid/${err.type}`)
+        } else {
+          return res.redirect("/error/orcid/unknown")
+        }
+      }
+      if (!user) {
+        return res.redirect("/")
       }
-    }
-    if (!user) {
-      return res.redirect("/")
-    }
 
-    try {
-      // adds new date for login/lastSeen
-      await User.findByIdAndUpdate(user._id, { lastSeen: new Date() })
-    } catch (error: unknown) {
-      if (error instanceof Error) {
-        Sentry.captureException(error)
-      } else {
-        Sentry.captureException(new Error(String(error)))
+      try {
+        // adds new date for login/lastSeen
+        await User.findByIdAndUpdate(user._id, { lastSeen: new Date() })
+      } catch (error: unknown) {
+        if (error instanceof Error) {
+          Sentry.captureException(error)
+        } else {
+          Sentry.captureException(new Error(String(error)))
+        }
+        // Don't block the login flow
       }
-      // Don't block the login flow
-    }
 
-    // Google user
-    const existingAuth = parsedJwtFromRequest(req)
-    if (
-      existingAuth && existingAuth.provider === "google" &&
-      existingAuth.exp * 1000 > Date.now()
-    ) {
-      return userMigration(user.providerId, existingAuth.sub).then(() => {
+      // Google user
+      const existingAuth = parsedJwtFromRequest(req)
+      if (
+        existingAuth && existingAuth.provider === "google" &&
+        existingAuth.exp * 1000 > Date.now()
+      ) {
+        return userMigration(user.providerId, existingAuth.sub).then(() => {
+          return completeRequestLogin(req, res, next, user)
+        })
+      } else {
         return completeRequestLogin(req, res, next, user)
-      })
-    } else {
-      return completeRequestLogin(req, res, next, user)
-    }
-  })(req, res, next)
+      }
+    },
+  )(req, res, next)
