Fixed login redirects in admin plugin
mahagr committed May 13, 2021
1 parent 890b091 commit 16d3dba
Showing 2 changed files with 34 additions and 10 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -12,6 +12,7 @@
* Google: non-hosted google accounts cannot be used [#25](https://github.com/trilbymedia/grav-plugin-login-oauth2/issues/25)
* Fixed missing translations in the template file [#37](https://github.com/trilbymedia/grav-plugin-login-oauth2/pull/37)
* Fixed login buttons exceeding available width on mobile screens [#31](https://github.com/trilbymedia/grav-plugin-login-oauth2/pull/31)
* Fixed login redirects in admin plugin

# v2.0.5
## 12/02/2020
43 changes: 33 additions & 10 deletions login-oauth2.php
Expand Up @@ -161,6 +161,10 @@ public function loginRedirect(): void
$session = $this->grav['session'];
$session->oauth2_state = $provider->getState();
$session->oauth2_provider = $provider_name;
if ($this->isAdmin()) {
$current = (string)$this->grav['admin']->request->getUri();
$session->redirect_after_login = $current;
}

$authorizationUrl = $provider->getAuthorizationUrl();

Expand All @@ -182,6 +186,7 @@ public function loginCallback(): void
/** @var Session $session */
$session = $this->grav['session'];
$provider_name = $session->oauth2_provider;
$login_redirect = $session->redirect_after_login;

/** @var Language $t */
$t = $this->grav['language'];
Expand All @@ -200,23 +205,41 @@ public function loginCallback(): void
$messages->add($t->translate('PLUGIN_LOGIN.LOGIN_FAILED'), 'error');
} else {
// Fire Login process.
$event = $login->login([], ['remember_me' => true, 'oauth2' => true, 'provider' => $provider_name], ['return_event' => true]);
$user = $event->getUser();
$event = $login->login(
[],
['admin' => $this->isAdmin(), 'remember_me' => true, 'oauth2' => true, 'provider' => $provider_name],
['authorize' => $this->isAdmin() ? 'admin.login' : 'site.login', 'return_event' => true]);

if ($user->authorize('login')) {
// Note: session variables have been reset!
$user = $event->getUser();
if ($user->authorized) {
$event->defMessage('PLUGIN_LOGIN.LOGIN_SUCCESSFUL', 'info');

$event->defRedirect(
$this->grav['session']->redirect_after_login
?: LoginPlugin::defaultRedirectAfterLogin()
?: $this->grav['uri']->referrer('/')
);
} elseif ($user->username) {
if ($this->isAdmin()) {
$event->defRedirect($login_redirect ?? '/');
} else {
$event->defRedirect(
$login_redirect
?: LoginPlugin::defaultRedirectAfterLogin()
?: $this->grav['uri']->referrer('/')
);
}
} elseif ($user->authenticated) {
$event->defMessage('PLUGIN_LOGIN.ACCESS_DENIED', 'error');

$event->defRedirect($this->grav['config']->get('plugins.login.route_unauthorized', '/'));
if ($this->isAdmin()) {
$event->defRedirect($login_redirect ?? '/');
} else {
$event->defRedirect($this->grav['config']->get('plugins.login.route_unauthorized', '/'));
}
} else {
$event->defMessage('PLUGIN_LOGIN.LOGIN_FAILED', 'error');

if ($this->isAdmin()) {
$event->defRedirect($login_redirect ?? '/');
} else {
$event->defRedirect($this->grav['config']->get('plugins.login.route', '/'));
}
}

$message = $event->getMessage();
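Review bot: The value saved to `$session->redirect_after_login` in loginRedirect() is the full request URI cast to a string, and loginCallback() hands it to `$event->defRedirect()` unchanged in all three admin branches, so the post-login target is only as trustworthy as the scheme and host the request object reported. Whether that URI can carry a client-supplied host is not visible from these hunks; if it can, store only the path and query, or check in the callback that the saved value is same-origin before redirecting. The admin branches also use `$login_redirect ?? '/'` while the site branch uses `?:`, so an empty string left in the session is passed through instead of falling back to `/`; `$event->defRedirect($login_redirect ?: '/');` would make the two agree. The "session variables have been reset" comment explains why the value is read before `$login->login()`, and a short comment next to `$login_redirect = $session->redirect_after_login;` saying so would keep that ordering from being refactored away. Both functions continue outside the visible hunks.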
