AuthenticationController: handle redirect parameter

This is a form field instead of a get parameter right now. fixes #6584
2014-08-19 10:14:46 +02:00 · 2014-08-19 10:14:46 +02:00 · f67d273bbd
parent 17b64f9dd5
commit f67d273bbd
1 changed files with 21 additions and 8 deletions
--- a/application/controllers/AuthenticationController.php
+++ b/application/controllers/AuthenticationController.php
@ -35,12 +35,17 @@ class AuthenticationController extends ActionController
    public function loginAction()
    {
        $auth = $this->Auth();
-        $this->view->form = new LoginForm();
-        $this->view->form->setRequest($this->_request);
+        $this->view->form = $form = new LoginForm();
+        $form->setRequest($this->_request);
        $this->view->title = $this->translate('Icingaweb Login');

        try {
-            $redirectUrl = Url::fromPath($this->params->get('redirect', 'dashboard'));
+            $redirectUrl = $this->view->form->getValue('redirect');
+            if ($redirectUrl) {
+                $redirectUrl = Url::fromPath($redirectUrl);
+            } else {
+                $redirectUrl = Url::fromPath('dashboard');
+            }

            if ($auth->isAuthenticated()) {
                $this->rerenderLayout()->redirectNow($redirectUrl);
@ -72,12 +77,20 @@ class AuthenticationController extends ActionController
                        }
                    }
                }
-            } elseif ($this->view->form->isSubmittedAndValid()) {
-                $user = new User($this->view->form->getValue('username'));
-                $password = $this->view->form->getValue('password');
+            } elseif ($form->isSubmittedAndValid()) {
+                $user = new User($form->getValue('username'));
+                $password = $form->getValue('password');
                $backendsTried = 0;
                $backendsWithError = 0;

+                $redirectUrl = $form->getValue('redirect');
+
+                if ($redirectUrl) {
+                    $redirectUrl = Url::fromPath($redirectUrl);
+                } else {
+                    $redirectUrl = Url::fromPath('dashboard');
+                }
+
                foreach ($chain as $backend) {
                    if ($backend instanceof AutoLoginBackend) {
                        continue;
@ -112,14 +125,14 @@ class AuthenticationController extends ActionController
                    );
                }
                if ($backendsWithError) {
-                    $this->view->form->addNote(
+                    $form->addNote(
                        $this->translate(
                            'Note that not all authentication backends are available for authentication because they'
                            . ' have errors. Please check the system log or Icinga Web 2 log for more information'
                        )
                    );
                }
-                $this->view->form->getElement('password')->addError($this->translate('Incorrect username or password'));
+                $form->getElement('password')->addError($this->translate('Incorrect username or password'));
            }
        } catch (Exception $e) {
            $this->view->errorInfo = $e->getMessage();