Fixes #2266 - Login always redirected to dashboard after third party / OAuth2 login (e.g. Google)
This commit is contained in:
Martin Edenhofer
Thorsten Eckel
parent
3b601ac16c
commit
c505851e4c
4 changed files with 68 additions and 16 deletions
|
|
@ -234,9 +234,7 @@ class App.Controller extends Spine.Controller
|
||||||
return true if @permissionCheck(key)
|
return true if @permissionCheck(key)
|
||||||
|
|
||||||
# remember requested url
|
# remember requested url
|
||||||
location = window.location.hash
|
@requestedUrlToStore()
|
||||||
if location && location isnt '#login' && location isnt '#logout' && location isnt '#keyboard_shortcuts'
|
|
||||||
App.Config.set('requested_url', location)
|
|
||||||
|
|
||||||
if closeTab
|
if closeTab
|
||||||
App.TaskManager.remove(@taskKey)
|
App.TaskManager.remove(@taskKey)
|
||||||
|
|
@ -255,9 +253,7 @@ class App.Controller extends Spine.Controller
|
||||||
return true if @authenticateCheck()
|
return true if @authenticateCheck()
|
||||||
|
|
||||||
# remember requested url
|
# remember requested url
|
||||||
location = window.location.hash
|
@requestedUrlToStore()
|
||||||
if location && location isnt '#login' && location isnt '#logout' && location isnt '#keyboard_shortcuts'
|
|
||||||
@Config.set('requested_url', location)
|
|
||||||
|
|
||||||
# redirect to login
|
# redirect to login
|
||||||
@navigate '#login'
|
@navigate '#login'
|
||||||
|
|
@ -271,6 +267,25 @@ class App.Controller extends Spine.Controller
|
||||||
return true if @Session.get()
|
return true if @Session.get()
|
||||||
false
|
false
|
||||||
|
|
||||||
|
requestedUrlToStore: ->
|
||||||
|
location = window.location.hash
|
||||||
|
|
||||||
|
return if !location
|
||||||
|
return if location is '#'
|
||||||
|
return if location is '#login'
|
||||||
|
return if location is '#logout'
|
||||||
|
return if location is '#keyboard_shortcuts'
|
||||||
|
|
||||||
|
# remember requested url
|
||||||
|
@requestedUrlRemember(location)
|
||||||
|
|
||||||
|
requestedUrlRemember: (location) ->
|
||||||
|
App.SessionStorage.set('requested_url', location) # for authentication agains third party
|
||||||
|
App.Config.set('requested_url', location) # for local re-login
|
||||||
|
|
||||||
|
requestedUrlWas: ->
|
||||||
|
App.SessionStorage.get('requested_url') || App.Config.get('requested_url')
|
||||||
|
|
||||||
frontendTimeUpdate: =>
|
frontendTimeUpdate: =>
|
||||||
update = =>
|
update = =>
|
||||||
@frontendTimeUpdateElement($('#app'))
|
@frontendTimeUpdateElement($('#app'))
|
||||||
|
|
|
||||||
|
|
@ -17,6 +17,14 @@ class DefaultRouter extends App.Controller
|
||||||
@navigate '#getting_started', { hideCurrentLocationFromHistory: true }
|
@navigate '#getting_started', { hideCurrentLocationFromHistory: true }
|
||||||
return
|
return
|
||||||
|
|
||||||
|
# redirect to requested url
|
||||||
|
requested_url = @requestedUrlWas()
|
||||||
|
if requested_url
|
||||||
|
@requestedUrlRemember('')
|
||||||
|
@log 'notice', "REDIRECT to '#{requested_url}'"
|
||||||
|
@navigate requested_url, { hideCurrentLocationFromHistory: true }
|
||||||
|
return
|
||||||
|
|
||||||
if @Config.get('default_controller')
|
if @Config.get('default_controller')
|
||||||
@navigate @Config.get('default_controller'), { hideCurrentLocationFromHistory: true }
|
@navigate @Config.get('default_controller'), { hideCurrentLocationFromHistory: true }
|
||||||
return
|
return
|
||||||
|
|
|
||||||
|
|
@ -79,14 +79,6 @@ class Login extends App.ControllerFullPage
|
||||||
App.Plugin.init()
|
App.Plugin.init()
|
||||||
|
|
||||||
# redirect to #
|
# redirect to #
|
||||||
requested_url = @Config.get('requested_url')
|
|
||||||
if requested_url && requested_url isnt '#login' && requested_url isnt '#logout'
|
|
||||||
@log 'notice', "REDIRECT to '#{requested_url}'"
|
|
||||||
@navigate requested_url
|
|
||||||
|
|
||||||
# reset
|
|
||||||
@Config.set('requested_url', '')
|
|
||||||
else
|
|
||||||
@log 'notice', 'REDIRECT to -#/-'
|
@log 'notice', 'REDIRECT to -#/-'
|
||||||
@navigate '#/'
|
@navigate '#/'
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -25,4 +25,41 @@ RSpec.describe 'Authentication', type: :system do
|
||||||
# check wrong displayed fields in registration form after logout. #2989
|
# check wrong displayed fields in registration form after logout. #2989
|
||||||
expect(page).to have_no_selector('select[name=organization_id]')
|
expect(page).to have_no_selector('select[name=organization_id]')
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'Login and redirect to requested url', authenticated_as: false do
|
||||||
|
visit 'ticket/zoom/1'
|
||||||
|
|
||||||
|
expect_current_route 'login', wait: 2
|
||||||
|
|
||||||
|
login(
|
||||||
|
username: 'master@example.com',
|
||||||
|
password: 'test',
|
||||||
|
)
|
||||||
|
|
||||||
|
expect_current_route 'ticket/zoom/1', wait: 2
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'Login and redirect to requested url via external authentication', authenticated_as: false do
|
||||||
|
visit 'ticket/zoom/1'
|
||||||
|
|
||||||
|
expect_current_route 'login', wait: 2
|
||||||
|
|
||||||
|
# simulate jump to external ressource
|
||||||
|
visit 'https://www.zammad.org'
|
||||||
|
|
||||||
|
# simulate successful login via third party
|
||||||
|
user = User.find_by(login: 'master@example.com')
|
||||||
|
ActiveRecord::SessionStore::Session.all.each do |session|
|
||||||
|
session.data[:user_id] = user.id
|
||||||
|
session.save!
|
||||||
|
end
|
||||||
|
|
||||||
|
# jump back and check if origin requested url is shown
|
||||||
|
visit ''
|
||||||
|
|
||||||
|
expect_current_route 'ticket/zoom/1', wait: 2
|
||||||
|
|
||||||
|
expect(current_login).to eq('master@example.com')
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue