Merge pull request #4484 from nextcloud/fix/logincontroller-redirect-url-failed-login

Fix remember redirect_url on failed login attempts
This commit is contained in:
blizzz 2017-04-25 13:15:53 +02:00 committed by GitHub
commit 026070a2fc
2 changed files with 9 additions and 4 deletions

View file

@ -240,6 +240,9 @@ class LoginController extends Controller {
if ($loginResult === false) {
// Read current user and append if possible - we need to return the unmodified user otherwise we will leak the login name
$args = !is_null($user) ? ['user' => $originalUser] : [];
if (!is_null($redirect_url)) {
$args['redirect_url'] = $redirect_url;
}
$response = new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
$response->throttle();
$this->session->set('loginMessages', [

View file

@ -23,7 +23,6 @@ namespace Tests\Core\Controller;
use OC\Authentication\TwoFactorAuth\Manager;
use OC\Core\Controller\LoginController;
use OC\Security\Bruteforce\Throttler;
use OC\User\Session;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\AppFramework\Http\TemplateResponse;
@ -281,7 +280,7 @@ class LoginControllerTest extends TestCase {
public function testLoginWithInvalidCredentials() {
$user = 'MyUserName';
$password = 'secret';
$loginPageUrl = 'some url';
$loginPageUrl = '/login?redirect_url=/apps/files';
$this->request
->expects($this->once())
@ -292,7 +291,10 @@ class LoginControllerTest extends TestCase {
->will($this->returnValue(false));
$this->urlGenerator->expects($this->once())
->method('linkToRoute')
->with('core.login.showLoginForm')
->with('core.login.showLoginForm', [
'user' => 'MyUserName',
'redirect_url' => '/apps/files',
])
->will($this->returnValue($loginPageUrl));
$this->userSession->expects($this->never())
@ -304,7 +306,7 @@ class LoginControllerTest extends TestCase {
$expected = new \OCP\AppFramework\Http\RedirectResponse($loginPageUrl);
$expected->throttle();
$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, ''));
$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, '/apps/files'));
}
public function testLoginWithValidCredentials() {