Fixing redirection issue for logged-in users (#26105)

This PR addresses an issue where logged-in users get redirected to the
homepage when trying to access a URL with the redirect_to parameter. The
issue was traced back to a middleware function in
services/auth/middleware.go that redirects logged-in users to the
homepage. This function didn't account the redirect_to parameter.

The fix modifies the middleware function to check for this case and
redirect the user to the specified URL instead of the homepage.

Closes: #26005

---------

Signed-off-by: cassiozareck <cassiomilczareck@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This commit is contained in:
cassiozareck 2023-07-27 02:08:51 -03:00 committed by GitHub
parent c6975e583a
commit 73fb1ecdcf
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -374,8 +374,9 @@ func registerRoutes(m *web.Route) {
m.Get("/milestones", reqSignIn, reqMilestonesDashboardPageEnabled, user.Milestones)
// ***** START: User *****
// "user/login" doesn't need signOut, then logged-in users can still access this route for redirection purposes by "/user/login?redirec_to=..."
m.Get("/user/login", auth.SignIn)
m.Group("/user", func() {
m.Get("/login", auth.SignIn)
m.Post("/login", web.Bind(forms.SignInForm{}), auth.SignInPost)
m.Group("", func() {
m.Combo("/login/openid").