Vuln dashboard: Update Okta SSO hook (#17773)

Closes: #17772 More context: #17601 (comment) Changes: - Updated the order of the vulnerability dashboard's HTTP middleware if Okta SSO is enabled.
fleetdm · Mar 22, 2024 · 413107b · 413107b
1 parent 0d8b51a
commit 413107b
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/...lity-dashboard/api/hooks/OktaSSO/index.js → ...ity-dashboard/api/hooks/okta-sso/index.js b/...lity-dashboard/api/hooks/OktaSSO/index.js → ...ity-dashboard/api/hooks/okta-sso/index.js
@@ -35,6 +35,7 @@ module.exports = function (sails){
       }
 
       // Clone the existing routes
+      // NOTE: Changing sails.config after the app lifts goes against Sails.js conventions and this code should not be reproduced.
       let appRoutes = Object.assign({}, sails.config.routes);
       // Remove the routes for the built-in login page..
       delete appRoutes['GET /login'];
@@ -45,9 +46,9 @@ module.exports = function (sails){
         'bodyParser',
         'compress',
         'poweredBy',
+        'www',// Note: This changes the conventions of Sails.js. Don't ever replicate this or use Passport.js.
         'oktaSSO',
         'router',
-        'www',
         'favicon',
       ];
       // Specify a custom http middleware order, placing the Okta middleware before the router. This is so the routes generated by Okta will take precedence over the sails router.