fix(auth): preserve redirect URL after logout
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
@ -77,7 +77,7 @@ class LoginController extends Controller {
|
||||
#[NoAdminRequired]
|
||||
#[UseSession]
|
||||
#[FrontpageRoute(verb: 'GET', url: '/logout')]
|
||||
public function logout() {
|
||||
public function logout(?string $redirect_url = null) {
|
||||
$loginToken = $this->request->getCookie('nc_token');
|
||||
if (!is_null($loginToken)) {
|
||||
$this->config->deleteUserValue($this->userSession->getUser()->getUID(), 'login_token', $loginToken);
|
||||
@ -86,7 +86,10 @@ class LoginController extends Controller {
|
||||
|
||||
$response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute(
|
||||
'core.login.showLoginForm',
|
||||
['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers
|
||||
[
|
||||
'clear' => true, // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers
|
||||
'redirect_url' => $redirect_url,
|
||||
],
|
||||
));
|
||||
|
||||
$this->session->set('clearingExecutionContexts', '1');
|
||||
|
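Review bot: The new `$redirect_url` argument of `logout()` comes from the request and is placed into the `core.login.showLoginForm` link as-is, so this endpoint now forwards a caller-chosen redirect target into the login flow. Nothing in the visible lines restricts it to a path on this instance. If the post-login redirect performs that check elsewhere, a comment on the array entry should say so, e.g. `// redirect_url is request-controlled and only forwarded here; it must be validated as a same-instance path where the post-login redirect is issued`. The same unvalidated forwarding is added in ReloadExecutionMiddleware (`$this->request->getParam('redirect_url')`) and in `OC_User::getLogoutUrl()`. The body of `logout()` continues outside both hunks.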
@ -45,8 +45,8 @@ class TwoFactorChallengeController extends Controller {
|
||||
/**
|
||||
* @return string
|
||||
*/
|
||||
protected function getLogoutUrl() {
|
||||
return OC_User::getLogoutUrl($this->urlGenerator);
|
||||
protected function getLogoutUrl(?string $redirectUrl = null): string {
|
||||
return OC_User::getLogoutUrl($this->urlGenerator, $redirectUrl);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -87,7 +87,7 @@ class TwoFactorChallengeController extends Controller {
|
||||
'backupProvider' => $backupProvider,
|
||||
'providerMissing' => $providerSet->isProviderMissing(),
|
||||
'redirect_url' => $redirect_url,
|
||||
'logout_url' => $this->getLogoutUrl(),
|
||||
'logout_url' => $this->getLogoutUrl($redirect_url),
|
||||
'hasSetupProviders' => !empty($setupProviders),
|
||||
];
|
||||
Util::addScript('core', 'twofactor-request-token');
|
||||
@ -135,7 +135,7 @@ class TwoFactorChallengeController extends Controller {
|
||||
'error_message' => $errorMessage,
|
||||
'provider' => $provider,
|
||||
'backupProvider' => $backupProvider,
|
||||
'logout_url' => $this->getLogoutUrl(),
|
||||
'logout_url' => $this->getLogoutUrl($redirect_url),
|
||||
'redirect_url' => $redirect_url,
|
||||
'template' => $tmpl->fetchPage(),
|
||||
];
|
||||
@ -203,7 +203,7 @@ class TwoFactorChallengeController extends Controller {
|
||||
|
||||
$data = [
|
||||
'providers' => $setupProviders,
|
||||
'logout_url' => $this->getLogoutUrl(),
|
||||
'logout_url' => $this->getLogoutUrl($redirect_url),
|
||||
'redirect_url' => $redirect_url,
|
||||
];
|
||||
|
||||
@ -234,7 +234,7 @@ class TwoFactorChallengeController extends Controller {
|
||||
$tmpl = $provider->getLoginSetup($user)->getBody();
|
||||
$data = [
|
||||
'provider' => $provider,
|
||||
'logout_url' => $this->getLogoutUrl(),
|
||||
'logout_url' => $this->getLogoutUrl($redirect_url),
|
||||
'redirect_url' => $redirect_url,
|
||||
'template' => $tmpl->fetchPage(),
|
||||
];
|
||||
|
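Review bot: The docblock above `getLogoutUrl()` still reads only `@return string`, which the new native return type already states, and it does not describe the added `$redirectUrl` parameter. The four call sites shown pass `$redirect_url` (presumably the request value) straight through, and the result is handed to the templates as `logout_url`. I would replace the docblock line with `@param string|null $redirectUrl request-supplied target to keep across logout; forwarded unvalidated to OC_User::getLogoutUrl()`. The parameter is camelCase here while the call sites use `$redirect_url`, so one spelling should be chosen for the value across this class.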
@ -11,6 +11,7 @@ namespace OC\AppFramework\Middleware\Security;
|
||||
use OC\AppFramework\Middleware\Security\Exceptions\ReloadExecutionException;
|
||||
use OCP\AppFramework\Http\RedirectResponse;
|
||||
use OCP\AppFramework\Middleware;
|
||||
use OCP\IRequest;
|
||||
use OCP\ISession;
|
||||
use OCP\IURLGenerator;
|
||||
|
||||
@ -19,12 +20,10 @@ use OCP\IURLGenerator;
|
||||
* a reload but if the session variable is set we properly redirect to the login page.
|
||||
*/
|
||||
class ReloadExecutionMiddleware extends Middleware {
|
||||
/** @var ISession */
|
||||
private $session;
|
||||
/** @var IURLGenerator */
|
||||
private $urlGenerator;
|
||||
|
||||
public function __construct(ISession $session, IURLGenerator $urlGenerator) {
|
||||
public function __construct(private ISession $session,
|
||||
private IURLGenerator $urlGenerator,
|
||||
private IRequest $request) {
|
||||
$this->session = $session;
|
||||
$this->urlGenerator = $urlGenerator;
|
||||
}
|
||||
@ -41,7 +40,10 @@ class ReloadExecutionMiddleware extends Middleware {
|
||||
|
||||
return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute(
|
||||
'core.login.showLoginForm',
|
||||
['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers
|
||||
[
|
||||
'clear' => true, // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers
|
||||
'redirect_url' => $this->request->getParam('redirect_url'),
|
||||
],
|
||||
));
|
||||
}
|
||||
|
||||
|
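Review bot: `$this->request->getParam('redirect_url')` in the new `RedirectResponse` parameters is not type-checked, unlike the `?string` controller argument used in `LoginController::logout()`. `getParam()` returns whatever the request carried, which can be an array when the parameter is sent with bracket syntax. I would narrow it before building the URL, e.g. `$redirectUrl = $this->request->getParam('redirect_url');` followed by `'redirect_url' => is_string($redirectUrl) ? $redirectUrl : null,`. Separately, the constructor now promotes `$session` and `$urlGenerator`, and going by the hunk's line counts the `$this->session = $session;` and `$this->urlGenerator = $urlGenerator;` assignments appear to remain on the new side, where they would be redundant. The method that builds the redirect starts outside the hunk.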
@ -284,7 +284,8 @@ class OC_User {
|
||||
* @param \OCP\IURLGenerator $urlGenerator
|
||||
* @return string
|
||||
*/
|
||||
public static function getLogoutUrl(\OCP\IURLGenerator $urlGenerator) {
|
||||
public static function getLogoutUrl(\OCP\IURLGenerator $urlGenerator,
|
||||
?string $redirectUrl = null): string {
|
||||
$backend = self::findFirstActiveUsedBackend();
|
||||
if ($backend) {
|
||||
return $backend->getLogoutUrl();
|
||||
@ -298,10 +299,10 @@ class OC_User {
|
||||
}
|
||||
}
|
||||
|
||||
$logoutUrl = $urlGenerator->linkToRoute('core.login.logout');
|
||||
$logoutUrl .= '?requesttoken=' . urlencode(\OCP\Util::callRegister());
|
||||
|
||||
return $logoutUrl;
|
||||
return $urlGenerator->linkToRoute('core.login.logout', [
|
||||
'requesttoken' => \OCP\Util::callRegister(),
|
||||
'redirect_url' => $redirectUrl,
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
|
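Review bot: The early `return $backend->getLogoutUrl();` at the top of `getLogoutUrl()` does not use the new `$redirectUrl`, so with a backend that supplies its own logout URL the redirect target is silently dropped, and the docblock does not mention the parameter at all. I would record that in the docblock: `@param string|null $redirectUrl target to return to after the next login; ignored when a user backend provides its own logout URL`. When `$redirectUrl` is null the key is still passed to `linkToRoute()`, so it is worth confirming that the generator omits null parameters rather than emitting an empty `redirect_url=`. Part of the function body lies between the two hunks and is not shown.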
Reference in New Issue
Block a user