forked from gitea/gitea
Make "/user/login" page redirect if the current user has signed in (#29583)
Fix #29582 and maybe more. Maybe fix #29116
This commit is contained in:
parent
82875ae946
commit
df1268ca08
|
@ -123,9 +123,21 @@ func resetLocale(ctx *context.Context, u *user_model.User) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func RedirectAfterLogin(ctx *context.Context) {
|
||||||
|
redirectTo := ctx.FormString("redirect_to")
|
||||||
|
if redirectTo == "" {
|
||||||
|
redirectTo = ctx.GetSiteCookie("redirect_to")
|
||||||
|
}
|
||||||
|
middleware.DeleteRedirectToCookie(ctx.Resp)
|
||||||
|
nextRedirectTo := setting.AppSubURL + string(setting.LandingPageURL)
|
||||||
|
if setting.LandingPageURL == setting.LandingPageLogin {
|
||||||
|
nextRedirectTo = setting.AppSubURL + "/" // do not cycle-redirect to the login page
|
||||||
|
}
|
||||||
|
ctx.RedirectToFirst(redirectTo, nextRedirectTo)
|
||||||
|
}
|
||||||
|
|
||||||
func CheckAutoLogin(ctx *context.Context) bool {
|
func CheckAutoLogin(ctx *context.Context) bool {
|
||||||
// Check auto-login
|
isSucceed, err := autoSignIn(ctx) // try to auto-login
|
||||||
isSucceed, err := autoSignIn(ctx)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if errors.Is(err, auth_service.ErrAuthTokenInvalidHash) {
|
if errors.Is(err, auth_service.ErrAuthTokenInvalidHash) {
|
||||||
ctx.Flash.Error(ctx.Tr("auth.remember_me.compromised"), true)
|
ctx.Flash.Error(ctx.Tr("auth.remember_me.compromised"), true)
|
||||||
|
@ -138,17 +150,10 @@ func CheckAutoLogin(ctx *context.Context) bool {
|
||||||
redirectTo := ctx.FormString("redirect_to")
|
redirectTo := ctx.FormString("redirect_to")
|
||||||
if len(redirectTo) > 0 {
|
if len(redirectTo) > 0 {
|
||||||
middleware.SetRedirectToCookie(ctx.Resp, redirectTo)
|
middleware.SetRedirectToCookie(ctx.Resp, redirectTo)
|
||||||
} else {
|
|
||||||
redirectTo = ctx.GetSiteCookie("redirect_to")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if isSucceed {
|
if isSucceed {
|
||||||
middleware.DeleteRedirectToCookie(ctx.Resp)
|
RedirectAfterLogin(ctx)
|
||||||
nextRedirectTo := setting.AppSubURL + string(setting.LandingPageURL)
|
|
||||||
if setting.LandingPageURL == setting.LandingPageLogin {
|
|
||||||
nextRedirectTo = setting.AppSubURL + "/" // do not cycle-redirect to the login page
|
|
||||||
}
|
|
||||||
ctx.RedirectToFirst(redirectTo, nextRedirectTo)
|
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -163,6 +168,11 @@ func SignIn(ctx *context.Context) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ctx.IsSigned {
|
||||||
|
RedirectAfterLogin(ctx)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
oauth2Providers, err := oauth2.GetOAuth2Providers(ctx, optional.Some(true))
|
oauth2Providers, err := oauth2.GetOAuth2Providers(ctx, optional.Some(true))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ctx.ServerError("UserSignIn", err)
|
ctx.ServerError("UserSignIn", err)
|
||||||
|
|
|
@ -0,0 +1,43 @@
|
||||||
|
// Copyright 2024 The Gitea Authors. All rights reserved.
|
||||||
|
// SPDX-License-Identifier: MIT
|
||||||
|
|
||||||
|
package auth
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
"net/url"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"code.gitea.io/gitea/modules/test"
|
||||||
|
"code.gitea.io/gitea/services/contexttest"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestUserLogin(t *testing.T) {
|
||||||
|
ctx, resp := contexttest.MockContext(t, "/user/login")
|
||||||
|
SignIn(ctx)
|
||||||
|
assert.Equal(t, http.StatusOK, resp.Code)
|
||||||
|
|
||||||
|
ctx, resp = contexttest.MockContext(t, "/user/login")
|
||||||
|
ctx.IsSigned = true
|
||||||
|
SignIn(ctx)
|
||||||
|
assert.Equal(t, http.StatusSeeOther, resp.Code)
|
||||||
|
assert.Equal(t, "/", test.RedirectURL(resp))
|
||||||
|
|
||||||
|
ctx, resp = contexttest.MockContext(t, "/user/login?redirect_to=/other")
|
||||||
|
ctx.IsSigned = true
|
||||||
|
SignIn(ctx)
|
||||||
|
assert.Equal(t, "/other", test.RedirectURL(resp))
|
||||||
|
|
||||||
|
ctx, resp = contexttest.MockContext(t, "/user/login")
|
||||||
|
ctx.Req.AddCookie(&http.Cookie{Name: "redirect_to", Value: "/other-cookie"})
|
||||||
|
ctx.IsSigned = true
|
||||||
|
SignIn(ctx)
|
||||||
|
assert.Equal(t, "/other-cookie", test.RedirectURL(resp))
|
||||||
|
|
||||||
|
ctx, resp = contexttest.MockContext(t, "/user/login?redirect_to="+url.QueryEscape("https://example.com"))
|
||||||
|
ctx.IsSigned = true
|
||||||
|
SignIn(ctx)
|
||||||
|
assert.Equal(t, "/", test.RedirectURL(resp))
|
||||||
|
}
|
|
@ -79,7 +79,7 @@ func assertPagesMetas(t *testing.T, expectedNames []string, metas any) {
|
||||||
func TestWiki(t *testing.T) {
|
func TestWiki(t *testing.T) {
|
||||||
unittest.PrepareTestEnv(t)
|
unittest.PrepareTestEnv(t)
|
||||||
|
|
||||||
ctx, _ := contexttest.MockContext(t, "user2/repo1/wiki/?action=_pages")
|
ctx, _ := contexttest.MockContext(t, "user2/repo1/wiki")
|
||||||
ctx.SetParams("*", "Home")
|
ctx.SetParams("*", "Home")
|
||||||
contexttest.LoadRepo(t, ctx, 1)
|
contexttest.LoadRepo(t, ctx, 1)
|
||||||
Wiki(ctx)
|
Wiki(ctx)
|
||||||
|
|
|
@ -7,6 +7,7 @@ package contexttest
|
||||||
import (
|
import (
|
||||||
gocontext "context"
|
gocontext "context"
|
||||||
"io"
|
"io"
|
||||||
|
"maps"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/httptest"
|
"net/http/httptest"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
@ -36,7 +37,7 @@ func mockRequest(t *testing.T, reqPath string) *http.Request {
|
||||||
}
|
}
|
||||||
requestURL, err := url.Parse(path)
|
requestURL, err := url.Parse(path)
|
||||||
assert.NoError(t, err)
|
assert.NoError(t, err)
|
||||||
req := &http.Request{Method: method, URL: requestURL, Form: url.Values{}}
|
req := &http.Request{Method: method, URL: requestURL, Form: maps.Clone(requestURL.Query()), Header: http.Header{}}
|
||||||
req = req.WithContext(middleware.WithContextData(req.Context()))
|
req = req.WithContext(middleware.WithContextData(req.Context()))
|
||||||
return req
|
return req
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue