From d25ff0d695dcc5ab62441c61a2e3b26ad607d721 Mon Sep 17 00:00:00 2001 From: zeripath Date: Sat, 25 Dec 2021 13:31:23 +0000 Subject: [PATCH] Reset locale on login (#17734) (#18100) Backport #17734 When logging in reset the user's locale to ensure that it matches their preferred locale. Fix #15612 Signed-off-by: Andrew Thornton --- modules/context/api.go | 3 +++ modules/context/context.go | 3 +++ routers/web/user/auth.go | 4 ++++ 3 files changed, 10 insertions(+) diff --git a/modules/context/api.go b/modules/context/api.go index 7fff8e834..9b1e27f93 100644 --- a/modules/context/api.go +++ b/modules/context/api.go @@ -223,6 +223,9 @@ func APIAuth(authMethod auth.Auth) func(*APIContext) { // Get user from session if logged in. ctx.User = authMethod.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session) if ctx.User != nil { + if ctx.Locale.Language() != ctx.User.Language { + ctx.Locale = middleware.Locale(ctx.Resp, ctx.Req) + } ctx.IsBasicAuth = ctx.Data["AuthedMethod"].(string) == new(auth.Basic).Name() ctx.IsSigned = true ctx.Data["IsSigned"] = ctx.IsSigned diff --git a/modules/context/context.go b/modules/context/context.go index 82771b0c2..5dcf2e755 100644 --- a/modules/context/context.go +++ b/modules/context/context.go @@ -642,6 +642,9 @@ func Auth(authMethod auth.Auth) func(*Context) { return func(ctx *Context) { ctx.User = authMethod.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session) if ctx.User != nil { + if ctx.Locale.Language() != ctx.User.Language { + ctx.Locale = middleware.Locale(ctx.Resp, ctx.Req) + } ctx.IsBasicAuth = ctx.Data["AuthedMethod"].(string) == new(auth.Basic).Name() ctx.IsSigned = true ctx.Data["IsSigned"] = ctx.IsSigned diff --git a/routers/web/user/auth.go b/routers/web/user/auth.go index 12a688b82..72b4d82d3 100644 --- a/routers/web/user/auth.go +++ b/routers/web/user/auth.go @@ -584,6 +584,10 @@ func handleSignInFull(ctx *context.Context, u *models.User, remember bool, obeyR middleware.SetLocaleCookie(ctx.Resp, u.Language, 0) + if ctx.Locale.Language() != u.Language { + ctx.Locale = middleware.Locale(ctx.Resp, ctx.Req) + } + // Clear whatever CSRF has right now, force to generate a new one middleware.DeleteCSRFCookie(ctx.Resp)