diff options
| author |  Alexis Degrugillier <aledeg@users.noreply.github.com>
| 2022-10-03 10:49:52 -0400 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2022-10-03 16:49:52 +0200 |
| commit | db4c2798ae7ab88d6745cfc7d8827d636a7d3ba3 (patch) | |
| tree | 6f27479f6443855f06c9264e9f36d6c1cb321e70 | |
| parent | a9d4c789311ee54f10ff2b483ad8804bd1de5286 (diff) | |
Allow redirection after login (#4654)
Before, if you've tried to reach a page without being logged, you'll be
automatically redirected to the index page after login.
Now, the original page is used after login.
Fix #3663
| -rw-r--r-- | app/Controllers/authController.php | 2 | ||||
| -rw-r--r-- | app/views/auth/formLogin.phtml | 1 | ||||
| -rw-r--r-- | lib/Minz/FrontController.php | 20 | ||||
| -rw-r--r-- | lib/Minz/Request.php | 9 | ||||
| -rw-r--r-- | lib/Minz/Url.php | 34 |
5 files changed, 46 insertions, 20 deletions
diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php index 932a1ed6d..3661e35cb 100644 --- a/app/Controllers/authController.php +++ b/app/Controllers/authController.php @@ -160,7 +160,7 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController { Minz_Translate::init(FreshRSS_Context::$user_conf->language); // All is good, go back to the index. - Minz_Request::good(_t('feedback.auth.login.success'), [ 'c' => 'index', 'a' => 'index' ]); + Minz_Request::good(_t('feedback.auth.login.success'), Minz_Url::unserialize(Minz_Request::param('original_request'))); } else { Minz_Log::warning("Password mismatch for user={$username}, nonce={$nonce}, c={$challenge}"); diff --git a/app/views/auth/formLogin.phtml b/app/views/auth/formLogin.phtml index e218d089d..872caac02 100644 --- a/app/views/auth/formLogin.phtml +++ b/app/views/auth/formLogin.phtml @@ -8,6 +8,7 @@ <form id="crypto-form" method="post" action="<?= _url('auth', 'login') ?>"> <input type="hidden" name="_csrf" value="<?= FreshRSS_Auth::csrfToken() ?>" /> + <input type="hidden" name="original_request" value="<?= Minz_Url::serialize(Minz_Request::originalRequest())?>" /> <div class="form-group"> <label for="username"><?= _t('gen.auth.username') ?></label> diff --git a/lib/Minz/FrontController.php b/lib/Minz/FrontController.php index 80fa5ce96..a5f73b59f 100644 --- a/lib/Minz/FrontController.php +++ b/lib/Minz/FrontController.php @@ -36,7 +36,7 @@ class Minz_FrontController { Minz_Request::init(); - $url = $this->buildUrl(); + $url = Minz_Url::build(); $url['params'] = array_merge ( $url['params'], $_POST @@ -51,24 +51,6 @@ class Minz_FrontController { } /** - * Returns an array representing the URL as passed in the address bar - * @return array URL representation - */ - private function buildUrl() { - $url = array(); - - $url['c'] = $_GET['c'] ?? Minz_Request::defaultControllerName(); - $url['a'] = $_GET['a'] ?? Minz_Request::defaultActionName(); - $url['params'] = $_GET; - - // post-traitement - unset($url['params']['c']); - unset($url['params']['a']); - - return $url; - } - - /** * Démarre l'application (lance le dispatcher et renvoie la réponse) */ public function run() { diff --git a/lib/Minz/Request.php b/lib/Minz/Request.php index 2ad02014f..62d042f28 100644 --- a/lib/Minz/Request.php +++ b/lib/Minz/Request.php @@ -15,6 +15,8 @@ class Minz_Request { private static $default_controller_name = 'index'; private static $default_action_name = 'index'; + private static $originalRequest; + /** * Getteurs */ @@ -92,6 +94,9 @@ class Minz_Request { 'params' => self::$params, ); } + public static function originalRequest() { + return self::$originalRequest; + } public static function modifiedCurrentRequest(array $extraParams = null) { $currentRequest = self::currentRequest(); if (null !== $extraParams) { @@ -327,6 +332,10 @@ class Minz_Request { * > sinon, le dispatcher recharge en interne */ public static function forward($url = array(), $redirect = false) { + if (Minz_Request::originalRequest() === null && strpos('auth', json_encode($url)) !== false) { + self::$originalRequest = $url; + } + if (!is_array($url)) { header('Location: ' . $url); exit(); diff --git a/lib/Minz/Url.php b/lib/Minz/Url.php index d6af50364..0780a636f 100644 --- a/lib/Minz/Url.php +++ b/lib/Minz/Url.php @@ -128,6 +128,40 @@ class Minz_Url { return $url_checked; } + + public static function serialize($url = []) { + try { + return base64_encode(json_encode($url, JSON_THROW_ON_ERROR)); + } catch (\Throwable $exception) { + return ''; + } + } + + public static function unserialize($url = '') { + try { + return json_decode(base64_decode($url), true, JSON_THROW_ON_ERROR); + } catch (\Throwable $exception) { + return ''; + } + } + + /** + * Returns an array representing the URL as passed in the address bar + * @return array URL representation + */ + public static function build () { + $url = [ + 'c' => $_GET['c'] ?? Minz_Request::defaultControllerName(), + 'a' => $_GET['a'] ?? Minz_Request::defaultActionName(), + 'params' => $_GET, + ]; + + // post-traitement + unset($url['params']['c']); + unset($url['params']['a']); + + return $url; + } } /** |