Merge pull request #157 from gazpachoking/oauth_redirect

Store next url redirect for in session to work with oauth login callback
2016-09-04 14:42:50 -04:00 · 2016-09-04 14:42:50 -04:00 · 3cecb160df
parent a47d7e2471 2ce6c2d314
commit 3cecb160df
5 changed files with 9 additions and 7 deletions
--- a/realms/modules/auth/ldap/views.py
+++ b/realms/modules/auth/ldap/views.py
@ -1,4 +1,4 @@
-from flask import current_app, request, redirect, Blueprint, flash, url_for
+from flask import current_app, request, redirect, Blueprint, flash, url_for, session
 from ..ldap.models import User
 from flask_ldap_login import LDAPLoginForm
@ -14,6 +14,6 @@ def login():
        return redirect(url_for('auth.login'))
    if User.auth(form.user, request.form['password']):
-        return redirect(request.args.get("next") or url_for(current_app.config['ROOT_ENDPOINT']))
+        return redirect(session.get("next_url") or url_for(current_app.config['ROOT_ENDPOINT']))
    else:
        return redirect(url_for('auth.login'))
--- a/realms/modules/auth/local/views.py
+++ b/realms/modules/auth/local/views.py
@ -1,4 +1,4 @@
-from flask import current_app, render_template, request, redirect, Blueprint, flash, url_for
+from flask import current_app, render_template, request, redirect, Blueprint, flash, url_for, session
 from realms.modules.auth.local.models import User
 from realms.modules.auth.local.forms import LoginForm, RegistrationForm
@ -46,6 +46,6 @@ def register():
        User.create(request.form['username'], request.form['email'], request.form['password'])
        User.auth(request.form['email'], request.form['password'])
-        return redirect(request.args.get("next") or url_for(current_app.config['ROOT_ENDPOINT']))
+        return redirect(session.get("next_url") or url_for(current_app.config['ROOT_ENDPOINT']))
    return render_template("auth/register.html", form=form)
--- a/realms/modules/auth/oauth/views.py
+++ b/realms/modules/auth/oauth/views.py
@ -16,7 +16,7 @@ def login(provider):
@blueprint.route('/login/oauth/<provider>/callback')
 def callback(provider):
-    next_url = request.args.get('next') or url_for(current_app.config['ROOT_ENDPOINT'])
+    next_url = session.get('next_url') or url_for(current_app.config['ROOT_ENDPOINT'])
    try:
        remote_app = User.get_app(provider)
        resp = remote_app.authorized_response()
--- a/realms/modules/auth/views.py
+++ b/realms/modules/auth/views.py
@ -1,4 +1,4 @@
-from flask import current_app, render_template, request, redirect, Blueprint, flash, url_for
+from flask import current_app, render_template, request, redirect, Blueprint, flash, url_for, session
 from flask_login import logout_user
 from realms.modules.auth.models import Auth
@ -7,6 +7,8 @@ blueprint = Blueprint('auth', __name__, template_folder='templates')
@blueprint.route("/login", methods=['GET', 'POST'])
 def login():
    next_url = request.args.get('next') or url_for(current_app.config['ROOT_ENDPOINT'])
    session['next_url'] = next_url
    return render_template("auth/login.html", forms=Auth.login_forms())
--- a/realms/templates/layout.html
+++ b/realms/templates/layout.html
@ -72,7 +72,7 @@
                </ul>
                </li>
            {% else %}
-              <li><a href="{{ url_for('auth.login') }}"><i class="fa fa-user"></i> &nbsp;Login</a></li>
+              <li><a href="{{ url_for('auth.login', next=request.path) }}"><i class="fa fa-user"></i> &nbsp;Login</a></li>
              {% if config.REGISTRATION_ENABLED and 'auth.local' in config.MODULES %}
                <li><a href="{{ url_for('auth.local.register') }}"><i class="fa fa-users"></i> &nbsp;Register</a></li>
              {% endif %}