[6.x] Redirect to intended URL after CP login#14560
Open
jasonvarga wants to merge 3 commits into6.xfrom
Open
Conversation
Use redirect()->guest() in AuthenticationException so Laravel stores the originally requested URL in the session. The existing redirect()->intended() call in LoginController will then send the user back to the page they were trying to reach instead of the CP home. Also drops dead `referer` plumbing in LoginController and the Login.vue component now hard-reloads to page.url (the URL Inertia followed the server redirect to) instead of the unused props.referer.
The `referer` POST param path was dead with the Inertia form and was removed in this branch. The intended-URL flow is covered by the adjacent `it_redirects_to_intended_url` test.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
When an unauthenticated user visits a CP URL (e.g.
/cp/collections), they are redirected to the login page. After logging in, they were being sent to the CP home page rather than the page they originally tried to reach.The root cause:
AuthenticationExceptionredirected viaredirect()->route('statamic.cp.login'), which doesn't store the intended URL.LoginController::authenticated()was already callingredirect()->intended(...), but the session never had a target to recall, so it always fell back to the home page.Changes
AuthenticationExceptionnow redirects viaredirect()->guest(route('statamic.cp.login')), which stores the originally requested URL in the session asurl.intended.refererquery plumbing fromLoginController(getReferrer(), therefererInertia prop, and the conditional inredirectPath()). The Inertia login form never POSTed arefererfield, so the server-side check was always null.Login.vuenow hard-reloads topage.url(the URL Inertia ended up at after following the server's redirect) instead of the unusedprops.referer. The full page load is still desirable so the destination CP page boots with all its initial props.onSuccessis preserved so that flow stays an Inertia transition.Test plan
/cp/collectionswhile logged out, log in, confirm you land on/cp/collections/cp/auth/logindirectly, log in, confirm you land on the CP home