Redirect back from login after 403 (Not authorized)

3 years ago · 657b44f9cf
parent c2c1a4d281
commit 657b44f9cf
10 changed files with 35 additions and 8 deletions
--- a/includes/view/AngelTypes_view.php
+++ b/includes/view/AngelTypes_view.php
@ -578,7 +578,7 @@ function AngelTypes_about_view($angeltypes, $user_logged_in)
            $buttons[] = button(page_link_to('register'), register_title());
        }

-        $buttons[] = button(page_link_to('login'), __('Login'));
+        $buttons[] = button(page_link_to('login'), __('login.login'));
    }

    $footerConfig = config('footer_items');
--- a/resources/lang/de_DE/default.po
+++ b/resources/lang/de_DE/default.po
@ -125,9 +125,12 @@ msgstr "Registrieren"
 #: resources/views/layouts/parts/navbar.twig:43
 #: resources/views/pages/login.twig:4 resources/views/pages/login.twig:66
 #: includes/view/AngelTypes_view.php:581
-msgid "Login"
+msgid "login.login"
 msgstr "Login"

+msgid "page.403.login"
+msgstr "Bitte melde dich an."
+
 #: resources/views/macros/form.twig:17
 msgid "form.submit"
 msgstr "Absenden"
--- a/resources/lang/en_US/default.po
+++ b/resources/lang/en_US/default.po
@ -27,6 +27,12 @@ msgstr "Your password is incorrect. Please try it again."
 msgid "form.submit"
 msgstr "Submit"

+msgid "login.login"
+msgstr "Login"
+
+msgid "page.403.login"
+msgstr "Please log in."
+
 msgid "page.404.text"
 msgstr ""
 "This page could not be found or you don't have permission to view it. "
--- a/resources/views/errors/403.twig
+++ b/resources/views/errors/403.twig
@ -1,5 +1,15 @@
 {% extends "errors/default.twig" %}
+{% import 'macros/base.twig' as m %}

 {% block title %}{{ __("Forbidden") }}{% endblock %}

 {% block content_headline_text %}{{ __("You are not allowed to access this page") }}{% endblock %}
+
+{% block content_text %}
+    {% if is_guest() %}
+        {% do session_set('previous_page', request.url) %}
+
+        <p>{{ __('page.403.login') }}</p>
+        <p>{{ m.button(__('login.login'), url('login')) }}</p>
+    {% endif %}
+{% endblock %}
--- a/resources/views/layouts/parts/navbar.twig
+++ b/resources/views/layouts/parts/navbar.twig
@ -40,7 +40,7 @@
                {% endif %}

                {% if has_permission_to('login') %}
-                    {{ _self.toolbar_item(__('Login'), url('login'), 'login', 'box-arrow-in-right') }}
+                    {{ _self.toolbar_item(__('login.login'), url('login'), 'login', 'box-arrow-in-right') }}
                {% endif %}

                {% if is_user() and has_permission_to('user_messages') %}
--- a/resources/views/pages/login.twig
+++ b/resources/views/pages/login.twig
@ -1,7 +1,7 @@
 {% extends "layouts/app.twig" %}
 {% import 'macros/base.twig' as m %}

-{% block title %}{{ __('Login') }}{% endblock %}
+{% block title %}{{ __('login.login') }}{% endblock %}

 {% block content %}
    <div class="col-md-12">
@ -66,7 +66,7 @@

                            <div class="mb-3 text-center">
                                <button class="btn btn-primary btn-lg btn-block" type="submit" name="submit">
-                                    {{ __('Login') }}
+                                    {{ __('login.login') }}
                                </button>
                            </div>

--- a/src/Controllers/AuthController.php
+++ b/src/Controllers/AuthController.php
@ -107,6 +107,8 @@ class AuthController extends BaseController
     */
    public function loginUser(User $user): Response
    {
+        $previousPage = $this->session->get('previous_page');
+
        $this->session->invalidate();
        $this->session->set('user_id', $user->id);
        $this->session->set('locale', $user->settings->language);
@ -114,7 +116,7 @@ class AuthController extends BaseController
        $user->last_login_at = new Carbon();
        $user->save(['touch' => false]);

-        return $this->redirect->to($this->config->get('home_site'));
+        return $this->redirect->to($previousPage ?: $this->config->get('home_site'));
    }

    /**
--- a/src/Renderer/Twig/Extensions/Session.php
+++ b/src/Renderer/Twig/Extensions/Session.php
@ -26,6 +26,7 @@ class Session extends TwigExtension
    {
        return [
            new TwigFunction('session_get', [$this->session, 'get']),
+            new TwigFunction('session_set', [$this->session, 'set']),
        ];
    }
 }
--- a/tests/Unit/Controllers/AuthControllerTest.php
+++ b/tests/Unit/Controllers/AuthControllerTest.php
@ -141,9 +141,9 @@ class AuthControllerTest extends TestCase
        $session->set('foo', 'bar');
        $user = $this->createUser();

-        $redirect->expects($this->once())
+        $redirect->expects($this->exactly(2))
            ->method('to')
-            ->with('news')
+            ->withConsecutive(['news'], ['/test'])
            ->willReturn($response);

        $controller = new AuthController($response, $session, $redirect, $config, $auth);
@ -152,6 +152,10 @@ class AuthControllerTest extends TestCase
        $this->assertFalse($session->has('foo'));
        $this->assertNotNull($user->last_login_at);
        $this->assertEquals(['user_id' => 42, 'locale' => 'de_DE'], $session->all());
+
+        // Redirect to previous page
+        $session->set('previous_page', '/test');
+        $controller->loginUser($user);
    }

    /**
--- a/tests/Unit/Renderer/Twig/Extensions/SessionTest.php
+++ b/tests/Unit/Renderer/Twig/Extensions/SessionTest.php
@ -21,5 +21,6 @@ class SessionTest extends ExtensionTest
        $functions = $extension->getFunctions();

        $this->assertExtensionExists('session_get', [$session, 'get'], $functions);
+        $this->assertExtensionExists('session_set', [$session, 'set'], $functions);
    }
 }