diff --git a/CHANGELOG.md b/CHANGELOG.md
index 51bb892..03e9427 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,7 @@
 * Google: non-hosted google accounts cannot be used [#25](https://github.com/trilbymedia/grav-plugin-login-oauth2/issues/25)
 * Fixed missing translations in the template file [#37](https://github.com/trilbymedia/grav-plugin-login-oauth2/pull/37)
 * Fixed login buttons exceeding available width on mobile screens [#31](https://github.com/trilbymedia/grav-plugin-login-oauth2/pull/31)
+ * Fixed login redirects in admin plugin
 # v2.0.5
 ## 12/02/2020
diff --git a/login-oauth2.php b/login-oauth2.php
index 6510894..d135875 100644
--- a/login-oauth2.php
+++ b/login-oauth2.php
@@ -161,6 +161,10 @@ public function loginRedirect(): void
 $session = $this->grav['session'];
 $session->oauth2_state = $provider->getState();
 $session->oauth2_provider = $provider_name;
+ if ($this->isAdmin()) {
+ $current = (string)$this->grav['admin']->request->getUri();
+ $session->redirect_after_login = $current;
+ }
 $authorizationUrl = $provider->getAuthorizationUrl();
@@ -182,6 +186,7 @@ public function loginCallback(): void
 /** @var Session $session */
 $session = $this->grav['session'];
 $provider_name = $session->oauth2_provider;
+ $login_redirect = $session->redirect_after_login;
 /** @var Language $t */
 $t = $this->grav['language'];
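Review bot: The value written to `$session->redirect_after_login` in the `@@ -161,6 +161,10 @@` hunk is the full request URI as a string, and loginCallback() later hands it to `defRedirect()` with no check that it still points at this site. If `getUri()` yields an absolute URL whose host is taken from the incoming request (not visible here), the post-login redirect target follows whatever host the request carried; as hardening, store only the local part, for example `$current = $this->grav['admin']->request->getUri()->getPath();` if this is a PSR-7 URI, or compare the host with the configured site host before storing. It is also worth confirming that this URI can never be the OAuth2 task URL itself, since returning to it after login would start the flow again. loginRedirect() starts and ends outside the hunk.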
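Review bot: `$login_redirect` is read at the top of loginCallback() in the `@@ -182,6 +186,7 @@` hunk, far from where it is used, and the reason only appears later in the next hunk's remark that the session has been reset. A comment on the new line would make that ordering dependency explicit, e.g. `// Read now: $login->login() resets the session, so redirect_after_login is gone afterwards.`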
@@ -200,23 +205,41 @@ public function loginCallback(): void
 $messages->add($t->translate('PLUGIN_LOGIN.LOGIN_FAILED'), 'error');
 } else {
 // Fire Login process.
- $event = $login->login([], ['remember_me' => true, 'oauth2' => true, 'provider' => $provider_name], ['return_event' => true]);
- $user = $event->getUser();
+ $event = $login->login(
+ [],
+ ['admin' => $this->isAdmin(), 'remember_me' => true, 'oauth2' => true, 'provider' => $provider_name],
+ ['authorize' => $this->isAdmin() ? 'admin.login' : 'site.login', 'return_event' => true]);
- if ($user->authorize('login')) {
+ // Note: session variables have been reset!
+ $user = $event->getUser();
+ if ($user->authorized) {
 $event->defMessage('PLUGIN_LOGIN.LOGIN_SUCCESSFUL', 'info');
- $event->defRedirect(
- $this->grav['session']->redirect_after_login
- ?: LoginPlugin::defaultRedirectAfterLogin()
- ?: $this->grav['uri']->referrer('/')
- );
- } elseif ($user->username) {
+ if ($this->isAdmin()) {
+ $event->defRedirect($login_redirect ?? '/');
+ } else {
+ $event->defRedirect(
+ $login_redirect
+ ?: LoginPlugin::defaultRedirectAfterLogin()
+ ?: $this->grav['uri']->referrer('/')
+ );
+ }
+ } elseif ($user->authenticated) {
 $event->defMessage('PLUGIN_LOGIN.ACCESS_DENIED', 'error');
- $event->defRedirect($this->grav['config']->get('plugins.login.route_unauthorized', '/'));
+ if ($this->isAdmin()) {
+ $event->defRedirect($login_redirect ?? '/');
+ } else {
+ $event->defRedirect($this->grav['config']->get('plugins.login.route_unauthorized', '/'));
+ }
 } else {
 $event->defMessage('PLUGIN_LOGIN.LOGIN_FAILED', 'error');
+
+ if ($this->isAdmin()) {
+ $event->defRedirect($login_redirect ?? '/');
+ } else {
+ $event->defRedirect($this->grav['config']->get('plugins.login.route', '/'));
+ }
 }
 $message = $event->getMessage();
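Review bot: The success test changes from an explicit `$user->authorize('login')` call to reading `$user->authorized`, so the admin access decision now rests entirely on `$login->login()` honouring the `'authorize' => 'admin.login'` option. That enforcement is not visible in this hunk; if an installed login plugin does not apply the option, the flag may reflect authentication only, so either require a minimum login-plugin version or keep an explicit check, e.g. `if ($user->authorized && (!$this->isAdmin() || $user->authorize('admin.login'))) {`. Separately, the three admin branches use `$login_redirect ?? '/'` while the site branch uses `?:`; an empty-string session value passes `??` and yields an empty redirect target, so `$login_redirect ?: '/'` is the safer form in all three places. loginCallback() starts and ends outside the hunk.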