From aa0a8a2aa8adb2109ec02ef587729f0fc2095031 Mon Sep 17 00:00:00 2001 From: Chase Sterling Date: Fri, 8 Jul 2016 23:39:11 -0400 Subject: [PATCH] Store next url redirect for in session to work with oauth login callbacks --- realms/modules/auth/ldap/views.py | 4 ++-- realms/modules/auth/local/views.py | 4 ++-- realms/modules/auth/oauth/views.py | 2 +- realms/modules/auth/views.py | 4 +++- 4 files changed, 8 insertions(+), 6 deletions(-) diff --git a/realms/modules/auth/ldap/views.py b/realms/modules/auth/ldap/views.py index 7ab82f4..4a16cfa 100644 --- a/realms/modules/auth/ldap/views.py +++ b/realms/modules/auth/ldap/views.py @@ -1,4 +1,4 @@ -from flask import current_app, request, redirect, Blueprint, flash, url_for +from flask import current_app, request, redirect, Blueprint, flash, url_for, session from ..ldap.models import User from flask_ldap_login import LDAPLoginForm @@ -14,6 +14,6 @@ def login(): return redirect(url_for('auth.login')) if User.auth(form.user, request.form['password']): - return redirect(request.args.get("next") or url_for(current_app.config['ROOT_ENDPOINT'])) + return redirect(session.get("next_url") or url_for(current_app.config['ROOT_ENDPOINT'])) else: return redirect(url_for('auth.login')) diff --git a/realms/modules/auth/local/views.py b/realms/modules/auth/local/views.py index c863d0e..e4b02e6 100644 --- a/realms/modules/auth/local/views.py +++ b/realms/modules/auth/local/views.py @@ -1,4 +1,4 @@ -from flask import current_app, render_template, request, redirect, Blueprint, flash, url_for +from flask import current_app, render_template, request, redirect, Blueprint, flash, url_for, session from realms.modules.auth.local.models import User from realms.modules.auth.local.forms import LoginForm, RegistrationForm @@ -46,6 +46,6 @@ def register(): User.create(request.form['username'], request.form['email'], request.form['password']) User.auth(request.form['email'], request.form['password']) - return redirect(request.args.get("next") or url_for(current_app.config['ROOT_ENDPOINT'])) + return redirect(session.get("next_url") or url_for(current_app.config['ROOT_ENDPOINT'])) return render_template("auth/register.html", form=form) diff --git a/realms/modules/auth/oauth/views.py b/realms/modules/auth/oauth/views.py index 3eb99e4..45222e5 100644 --- a/realms/modules/auth/oauth/views.py +++ b/realms/modules/auth/oauth/views.py @@ -16,7 +16,7 @@ def login(provider): @blueprint.route('/login/oauth//callback') def callback(provider): - next_url = request.args.get('next') or url_for(current_app.config['ROOT_ENDPOINT']) + next_url = session.get('next_url') or url_for(current_app.config['ROOT_ENDPOINT']) try: remote_app = User.get_app(provider) resp = remote_app.authorized_response() diff --git a/realms/modules/auth/views.py b/realms/modules/auth/views.py index 8ca607f..df67859 100644 --- a/realms/modules/auth/views.py +++ b/realms/modules/auth/views.py @@ -1,4 +1,4 @@ -from flask import current_app, render_template, request, redirect, Blueprint, flash, url_for +from flask import current_app, render_template, request, redirect, Blueprint, flash, url_for, session from flask.ext.login import logout_user from realms.modules.auth.models import Auth @@ -7,6 +7,8 @@ blueprint = Blueprint('auth', __name__) @blueprint.route("/login", methods=['GET', 'POST']) def login(): + next_url = request.args.get('next') or url_for(current_app.config['ROOT_ENDPOINT']) + session['next_url'] = next_url return render_template("auth/login.html", forms=Auth.login_forms())