Redirect back from login after 403 (Not authorized)

Igor Scheller 2021-10-04 21:45:06 +02:00 committed by msquare
parent c2c1a4d281
commit 657b44f9cf
10 changed files with 35 additions and 8 deletions


@ -578,7 +578,7 @@ function AngelTypes_about_view($angeltypes, $user_logged_in)
$buttons[] = button(page_link_to('register'), register_title()); $buttons[] = button(page_link_to('register'), register_title());
} }
$buttons[] = button(page_link_to('login'), __('Login')); $buttons[] = button(page_link_to('login'), __('login.login'));
} }
$footerConfig = config('footer_items'); $footerConfig = config('footer_items');


@ -125,9 +125,12 @@ msgstr "Registrieren"
#: resources/views/layouts/parts/navbar.twig:43 #: resources/views/layouts/parts/navbar.twig:43
#: resources/views/pages/login.twig:4 resources/views/pages/login.twig:66 #: resources/views/pages/login.twig:4 resources/views/pages/login.twig:66
#: includes/view/AngelTypes_view.php:581 #: includes/view/AngelTypes_view.php:581
msgid "Login" msgid "login.login"
msgstr "Login" msgstr "Login"
msgid "page.403.login"
msgstr "Bitte melde dich an."
#: resources/views/macros/form.twig:17 #: resources/views/macros/form.twig:17
msgid "form.submit" msgid "form.submit"
msgstr "Absenden" msgstr "Absenden"


@ -27,6 +27,12 @@ msgstr "Your password is incorrect. Please try it again."
msgid "form.submit" msgid "form.submit"
msgstr "Submit" msgstr "Submit"
msgid "login.login"
msgstr "Login"
msgid "page.403.login"
msgstr "Please log in."
msgid "page.404.text" msgid "page.404.text"
msgstr "" msgstr ""
"This page could not be found or you don't have permission to view it. " "This page could not be found or you don't have permission to view it. "


@ -1,5 +1,15 @@
{% extends "errors/default.twig" %} {% extends "errors/default.twig" %}
{% import 'macros/base.twig' as m %}
{% block title %}{{ __("Forbidden") }}{% endblock %} {% block title %}{{ __("Forbidden") }}{% endblock %}
{% block content_headline_text %}{{ __("You are not allowed to access this page") }}{% endblock %} {% block content_headline_text %}{{ __("You are not allowed to access this page") }}{% endblock %}
{% block content_text %}
{% if is_guest() %}
{% do session_set('previous_page', request.url) %}
<p>{{ __('page.403.login') }}</p>
<p>{{ m.button(__('login.login'), url('login')) }}</p>
{% endif %}
{% endblock %}
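Review bot: The `{% do session_set('previous_page', request.url) %}` line turns rendering an error page into a state-changing operation and stores the complete request URL, host and query string included, as the later post-login redirect target. If `request.url` is assembled from the Host header (not visible in this diff), the stored value is only as trustworthy as that header, so storing just the path and query, and doing it in the PHP code that raises the 403 rather than in the view, would be the safer shape. At minimum I would add `{# previous_page is consumed by the login redirect; it must stay a same-site URL #}` above the line. As far as this diff shows, nothing clears the key until a login happens, so a guest who hits a 403 and logs in much later is still sent to that stale page.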


@ -40,7 +40,7 @@
{% endif %} {% endif %}
{% if has_permission_to('login') %} {% if has_permission_to('login') %}
{{ _self.toolbar_item(__('Login'), url('login'), 'login', 'box-arrow-in-right') }} {{ _self.toolbar_item(__('login.login'), url('login'), 'login', 'box-arrow-in-right') }}
{% endif %} {% endif %}
{% if is_user() and has_permission_to('user_messages') %} {% if is_user() and has_permission_to('user_messages') %}


@ -1,7 +1,7 @@
{% extends "layouts/app.twig" %} {% extends "layouts/app.twig" %}
{% import 'macros/base.twig' as m %} {% import 'macros/base.twig' as m %}
{% block title %}{{ __('Login') }}{% endblock %} {% block title %}{{ __('login.login') }}{% endblock %}
{% block content %} {% block content %}
<div class="col-md-12"> <div class="col-md-12">
@ -66,7 +66,7 @@
<div class="mb-3 text-center"> <div class="mb-3 text-center">
<button class="btn btn-primary btn-lg btn-block" type="submit" name="submit"> <button class="btn btn-primary btn-lg btn-block" type="submit" name="submit">
{{ __('Login') }} {{ __('login.login') }}
</button> </button>
</div> </div>


@ -107,6 +107,8 @@ class AuthController extends BaseController
*/ */
public function loginUser(User $user): Response public function loginUser(User $user): Response
{ {
$previousPage = $this->session->get('previous_page');
$this->session->invalidate(); $this->session->invalidate();
$this->session->set('user_id', $user->id); $this->session->set('user_id', $user->id);
$this->session->set('locale', $user->settings->language); $this->session->set('locale', $user->settings->language);
@ -114,7 +116,7 @@ class AuthController extends BaseController
$user->last_login_at = new Carbon(); $user->last_login_at = new Carbon();
$user->save(['touch' => false]); $user->save(['touch' => false]);
return $this->redirect->to($this->config->get('home_site')); return $this->redirect->to($previousPage ?: $this->config->get('home_site'));
} }
/** /**
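Review bot: `$previousPage` reaches `$this->redirect->to(...)` in the changed return line with no check that it is a string pointing at this application, so the redirect target is whatever the pre-login session held. The value is read before `invalidate()`, which makes it the one piece of unauthenticated session state carried into the authenticated flow; the only writer visible in this commit is the 403 template, but any later writer of `previous_page` would become an open-redirect source. I would validate it here, accepting only a same-origin URL or a path that starts with a single `/` and falling back to `home_site` otherwise, and document it with `// previous_page comes from the pre-login session: treat as untrusted, redirect only to same-site targets`. loginUser starts above the first hunk and its docblock lies outside the visible lines, so the new redirect behaviour should be described there as well.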


@ -26,6 +26,7 @@ class Session extends TwigExtension
{ {
return [ return [
new TwigFunction('session_get', [$this->session, 'get']), new TwigFunction('session_get', [$this->session, 'get']),
new TwigFunction('session_set', [$this->session, 'set']),
]; ];
} }
} }
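Review bot: Registering `session_set` as a Twig function gives every template write access to arbitrary session keys, including the `user_id` key that `loginUser` sets to mark a session as authenticated. The only use in this commit is storing `previous_page` from the 403 template, so a narrower function that can write just that key, or doing the write in PHP before the error view renders, would avoid widening what a template (or a template-injection bug) can change. If the generic function stays, add a comment such as `// session_set lets templates write any session key; templates must only come from trusted authors`. getFunctions() begins above the hunk.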


@ -141,9 +141,9 @@ class AuthControllerTest extends TestCase
$session->set('foo', 'bar'); $session->set('foo', 'bar');
$user = $this->createUser(); $user = $this->createUser();
$redirect->expects($this->once()) $redirect->expects($this->exactly(2))
->method('to') ->method('to')
->with('news') ->withConsecutive(['news'], ['/test'])
->willReturn($response); ->willReturn($response);
$controller = new AuthController($response, $session, $redirect, $config, $auth); $controller = new AuthController($response, $session, $redirect, $config, $auth);
@ -152,6 +152,10 @@ class AuthControllerTest extends TestCase
$this->assertFalse($session->has('foo')); $this->assertFalse($session->has('foo'));
$this->assertNotNull($user->last_login_at); $this->assertNotNull($user->last_login_at);
$this->assertEquals(['user_id' => 42, 'locale' => 'de_DE'], $session->all()); $this->assertEquals(['user_id' => 42, 'locale' => 'de_DE'], $session->all());
// Redirect to previous page
$session->set('previous_page', '/test');
$controller->loginUser($user);
} }
/** /**
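Review bot: The second `loginUser` call at the end of the test has no assertions after it, so the test proves only that `to('/test')` was called, not that `previous_page` is absent from the regenerated session. Adding `$this->assertFalse($session->has('previous_page'));` after that call would pin that the stored target is used once. A further case with an absolute URL on another host would document what the controller is expected to do with such a value. `withConsecutive()` is deprecated in later PHPUnit 9 releases and removed in PHPUnit 10, so two separate expectations or a callback matcher will age better.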


@ -21,5 +21,6 @@ class SessionTest extends ExtensionTest
$functions = $extension->getFunctions(); $functions = $extension->getFunctions();
$this->assertExtensionExists('session_get', [$session, 'get'], $functions); $this->assertExtensionExists('session_get', [$session, 'get'], $functions);
$this->assertExtensionExists('session_set', [$session, 'set'], $functions);
} }
} }