Redirect back from login after 403 (Not authorized)

main
Igor Scheller 3 years ago committed by msquare
parent c2c1a4d281
commit 657b44f9cf

@ -578,7 +578,7 @@ function AngelTypes_about_view($angeltypes, $user_logged_in)
$buttons[] = button(page_link_to('register'), register_title()); $buttons[] = button(page_link_to('register'), register_title());
} }
$buttons[] = button(page_link_to('login'), __('Login')); $buttons[] = button(page_link_to('login'), __('login.login'));
} }
$footerConfig = config('footer_items'); $footerConfig = config('footer_items');

@ -125,9 +125,12 @@ msgstr "Registrieren"
#: resources/views/layouts/parts/navbar.twig:43 #: resources/views/layouts/parts/navbar.twig:43
#: resources/views/pages/login.twig:4 resources/views/pages/login.twig:66 #: resources/views/pages/login.twig:4 resources/views/pages/login.twig:66
#: includes/view/AngelTypes_view.php:581 #: includes/view/AngelTypes_view.php:581
msgid "Login" msgid "login.login"
msgstr "Login" msgstr "Login"
msgid "page.403.login"
msgstr "Bitte melde dich an."
#: resources/views/macros/form.twig:17 #: resources/views/macros/form.twig:17
msgid "form.submit" msgid "form.submit"
msgstr "Absenden" msgstr "Absenden"

@ -27,6 +27,12 @@ msgstr "Your password is incorrect. Please try it again."
msgid "form.submit" msgid "form.submit"
msgstr "Submit" msgstr "Submit"
msgid "login.login"
msgstr "Login"
msgid "page.403.login"
msgstr "Please log in."
msgid "page.404.text" msgid "page.404.text"
msgstr "" msgstr ""
"This page could not be found or you don't have permission to view it. " "This page could not be found or you don't have permission to view it. "

@ -1,5 +1,15 @@
{% extends "errors/default.twig" %} {% extends "errors/default.twig" %}
{% import 'macros/base.twig' as m %}
{% block title %}{{ __("Forbidden") }}{% endblock %} {% block title %}{{ __("Forbidden") }}{% endblock %}
{% block content_headline_text %}{{ __("You are not allowed to access this page") }}{% endblock %} {% block content_headline_text %}{{ __("You are not allowed to access this page") }}{% endblock %}
{% block content_text %}
{% if is_guest() %}
{% do session_set('previous_page', request.url) %}
<p>{{ __('page.403.login') }}</p>
<p>{{ m.button(__('login.login'), url('login')) }}</p>
{% endif %}
{% endblock %}
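Review bot: The `{% do session_set('previous_page', request.url) %}` line in `content_text` makes rendering the 403 page a state-changing operation, and it stores the request URL exactly as the framework reconstructed it. If `request.url` yields an absolute URL, the stored value carries whatever scheme and host the request arrived with, and it is later used as a redirect target after login. A 403 raised on a non-GET request would also be remembered and revisited with a GET. Consider recording only the path, and doing it in the code that produces the 403 response rather than in the view, with a comment such as `{# previous_page: path only, consumed once by loginUser #}`.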

@ -40,7 +40,7 @@
{% endif %} {% endif %}
{% if has_permission_to('login') %} {% if has_permission_to('login') %}
{{ _self.toolbar_item(__('Login'), url('login'), 'login', 'box-arrow-in-right') }} {{ _self.toolbar_item(__('login.login'), url('login'), 'login', 'box-arrow-in-right') }}
{% endif %} {% endif %}
{% if is_user() and has_permission_to('user_messages') %} {% if is_user() and has_permission_to('user_messages') %}

@ -1,7 +1,7 @@
{% extends "layouts/app.twig" %} {% extends "layouts/app.twig" %}
{% import 'macros/base.twig' as m %} {% import 'macros/base.twig' as m %}
{% block title %}{{ __('Login') }}{% endblock %} {% block title %}{{ __('login.login') }}{% endblock %}
{% block content %} {% block content %}
<div class="col-md-12"> <div class="col-md-12">
@ -66,7 +66,7 @@
<div class="mb-3 text-center"> <div class="mb-3 text-center">
<button class="btn btn-primary btn-lg btn-block" type="submit" name="submit"> <button class="btn btn-primary btn-lg btn-block" type="submit" name="submit">
{{ __('Login') }} {{ __('login.login') }}
</button> </button>
</div> </div>

@ -107,6 +107,8 @@ class AuthController extends BaseController
*/ */
public function loginUser(User $user): Response public function loginUser(User $user): Response
{ {
$previousPage = $this->session->get('previous_page');
$this->session->invalidate(); $this->session->invalidate();
$this->session->set('user_id', $user->id); $this->session->set('user_id', $user->id);
$this->session->set('locale', $user->settings->language); $this->session->set('locale', $user->settings->language);
@ -114,7 +116,7 @@ class AuthController extends BaseController
$user->last_login_at = new Carbon(); $user->last_login_at = new Carbon();
$user->save(['touch' => false]); $user->save(['touch' => false]);
return $this->redirect->to($this->config->get('home_site')); return $this->redirect->to($previousPage ?: $this->config->get('home_site'));
} }
/** /**
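Review bot: `$previousPage` is read from the unauthenticated session and passed straight to `$this->redirect->to(...)` with no check on where it points. The value was written before the user proved who they are, so it should be treated as untrusted. I would only follow it when it is a string that resolves inside this application (same base URL, or a path starting with a single `/`), and otherwise fall back to `$this->config->get('home_site')`. A comment above the read would make the intent explicit: `// previous_page comes from the pre-login session; only follow it when it points back into this application`. Reading the value before `invalidate()` is the right order; the body of `loginUser` between the two hunks is not visible here.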

@ -26,6 +26,7 @@ class Session extends TwigExtension
{ {
return [ return [
new TwigFunction('session_get', [$this->session, 'get']), new TwigFunction('session_get', [$this->session, 'get']),
new TwigFunction('session_set', [$this->session, 'set']),
]; ];
} }
} }
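Review bot: Registering `session_set` next to `session_get` gives every Twig template write access to any session key, including `user_id`, which `loginUser` uses to mark a session as authenticated. The only caller visible on this page needs to store one key, so a narrower function would keep the template surface small. For example, it could accept only `previous_page`, or the write could be moved out of Twig altogether. If the general function stays, a comment on the registration line such as `// templates may write session data: never pass user-controlled key names` would document the constraint for later template authors.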

@ -141,9 +141,9 @@ class AuthControllerTest extends TestCase
$session->set('foo', 'bar'); $session->set('foo', 'bar');
$user = $this->createUser(); $user = $this->createUser();
$redirect->expects($this->once()) $redirect->expects($this->exactly(2))
->method('to') ->method('to')
->with('news') ->withConsecutive(['news'], ['/test'])
->willReturn($response); ->willReturn($response);
$controller = new AuthController($response, $session, $redirect, $config, $auth); $controller = new AuthController($response, $session, $redirect, $config, $auth);
@ -152,6 +152,10 @@ class AuthControllerTest extends TestCase
$this->assertFalse($session->has('foo')); $this->assertFalse($session->has('foo'));
$this->assertNotNull($user->last_login_at); $this->assertNotNull($user->last_login_at);
$this->assertEquals(['user_id' => 42, 'locale' => 'de_DE'], $session->all()); $this->assertEquals(['user_id' => 42, 'locale' => 'de_DE'], $session->all());
// Redirect to previous page
$session->set('previous_page', '/test');
$controller->loginUser($user);
} }
/** /**
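Review bot: The second `$controller->loginUser($user)` call is checked only through the mock expectation, and nothing asserts that `previous_page` is dropped from the session once it has been used. Adding `$this->assertFalse($session->has('previous_page'));` after the call would pin that the target is consumed once. The only target exercised is `/test`; if the controller gains a check on the redirect target, a case with an off-site absolute URL that expects `news` belongs here too. Separately, `withConsecutive` is deprecated in PHPUnit 9.6 and removed in 10, so this expectation will need rewriting on upgrade. The test method starts outside the hunk.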

@ -21,5 +21,6 @@ class SessionTest extends ExtensionTest
$functions = $extension->getFunctions(); $functions = $extension->getFunctions();
$this->assertExtensionExists('session_get', [$session, 'get'], $functions); $this->assertExtensionExists('session_get', [$session, 'get'], $functions);
$this->assertExtensionExists('session_set', [$session, 'set'], $functions);
} }
} }
