Can redirect user on successful login

2022-04-02 19:44:13 +02:00
parent da74acaed8
commit f08fddc79c
7 changed files with 46 additions and 10 deletions
--- a/src/controllers/login_controller.rs
+++ b/src/controllers/login_controller.rs
@ -16,6 +16,7 @@ struct BaseLoginPage {
    success: String,
    page_title: &'static str,
    app_name: &'static str,
+    redirect_uri: String,
 }

 #[derive(Template)]
@ -41,6 +42,7 @@ pub struct LoginRequestBody {
 #[derive(serde::Deserialize)]
 pub struct LoginRequestQuery {
    logout: Option<bool>,
+    redirect: Option<String>,
 }

 /// Authenticate user
@ -52,6 +54,14 @@ pub async fn login_route(users: web::Data<Addr<UsersActor>>,
    let mut success = String::new();
    let mut login = String::new();

+    let redirect_uri = match query.redirect.as_deref() {
+        None => "/",
+        Some(s) => match s.starts_with('/') && !s.starts_with("//") {
+            true => s,
+            false => "/",
+        }
+    };
+
    // Check if user session must be closed
    if let Some(true) = query.logout {
        id.forget();
@ -60,7 +70,7 @@ pub async fn login_route(users: web::Data<Addr<UsersActor>>,

    // Check if user is already authenticated
    if SessionIdentity(&id).is_authenticated() {
-        return redirect_user("/");
+        return redirect_user(redirect_uri);
    }

    // Check if user is setting a new  password
@ -78,7 +88,7 @@ pub async fn login_route(users: web::Data<Addr<UsersActor>>,
                danger = "Failed to change password!".to_string();
            } else {
                SessionIdentity(&id).set_status(SessionStatus::SignedIn);
-                return redirect_user("/");
+                return redirect_user(redirect_uri);
            }
        }
    }
@ -100,7 +110,7 @@ pub async fn login_route(users: web::Data<Addr<UsersActor>>,
                if user.need_reset_password {
                    SessionIdentity(&id).set_status(SessionStatus::NeedNewPassword);
                } else {
-                    return redirect_user("/");
+                    return redirect_user(redirect_uri);
                }
            }

@ -122,6 +132,7 @@ pub async fn login_route(users: web::Data<Addr<UsersActor>>,
                    danger,
                    success,
                    app_name: APP_NAME,
+                    redirect_uri: urlencoding::encode(redirect_uri).to_string(),
                },
                min_pass_len: MIN_PASS_LEN,
            }.render().unwrap());
@ -136,6 +147,7 @@ pub async fn login_route(users: web::Data<Addr<UsersActor>>,
                danger,
                success,
                app_name: APP_NAME,
+                redirect_uri: urlencoding::encode(redirect_uri).to_string(),
            },
            login,
        }.render().unwrap())