Support redirecting to arbitrary URLs after login is succesful #29

WP_Auth0.php

@@ -241,8 +241,12 @@ public static function render_form( $html ){
 
  if (trim($client_id) == "") return;
 
- ob_start();
+ if (isset($_GET['redirect_to']))
+ {
+ setcookie("login-redirect", $_GET['redirect_to'], time()+3600);
+ }
 
+ ob_start();
  require_once WPA0_PLUGIN_DIR . 'templates/login-form.php';
  renderAuth0Form();
 
@@ -339,7 +343,18 @@ public static function init_auth0(){
  exit();
 
  } else {
- wp_safe_redirect( home_url() );
+
+ if (isset($_COOKIE['login-redirect']))
+ {
+ $redirectURL = $_COOKIE['login-redirect'];
+ setcookie("login-redirect", '', time()-3600);
+ }
+ else
+ {
+ $redirectURL = WP_Auth0_Options::get( 'default_login_redirection' );
+ }
+
+ wp_safe_redirect( $redirectURL );
  }
  }
  }elseif (is_array($response['response']) && $response['response']['code'] == 401) {

lib/WP_Auth0_Admin.php

@@ -85,6 +85,7 @@ public static function init_admin(){
  array('id' => 'wpa0_dict', 'name' => 'Translation', 'function' => 'render_dict'),
  array('id' => 'wpa0_username_style', 'name' => 'Username style', 'function' => 'render_username_style'),
  array('id' => 'wpa0_remember_last_login', 'name' => 'Remember last login', 'function' => 'render_remember_last_login'),
+ array('id' => 'wpa0_default_login_redirection', 'name' => 'Login redirection URL', 'function' => 'render_default_login_redirection'),
  array('id' => 'wpa0_verified_email', 'name' => 'Requires verified email', 'function' => 'render_verified_email'),
  array('id' => 'wpa0_allow_signup', 'name' => 'Allow signup', 'function' => 'render_allow_signup'),
  array('id' => 'wpa0_auto_login', 'name' => 'Auto Login (no widget)', 'function' => 'render_auto_login'),
@@ -142,6 +143,12 @@ public static function render_form_title(){
  echo '<br/><span class="description">' . __('This is the title for the login widget', WPA0_LANG) . '</span>';
  }
 
+ public static function render_default_login_redirection(){
+ $v = WP_Auth0_Options::get( 'default_login_redirection' );
+ echo '<input type="text" name="' . WP_Auth0_Options::OPTIONS_NAME . '[default_login_redirection]" id="wpa0_default_login_redirection" value="' . esc_attr( $v ) . '"/>';
+ echo '<br/><span class="description">' . __('This is the URL that all users will be redirected by default after login', WPA0_LANG) . '</span>';
+ }
+
  public static function render_dict(){
  $v = WP_Auth0_Options::get( 'dict' );
  echo '<textarea name="' . WP_Auth0_Options::OPTIONS_NAME . '[dict]" id="wpa0_dict">' . esc_attr( $v ) . '</textarea>';
@@ -285,6 +292,35 @@ public static function input_validator( $input ){
 
  $input['remember_last_login'] = (isset($input['remember_last_login']) ? 1 : 0);
 
+ $input['default_login_redirection'] = esc_url_raw($input['default_login_redirection']);
+ $home_url = home_url();
+
+ if (empty($input['default_login_redirection']))
+ {
+ $input['default_login_redirection'] = $home_url;
+ }
+ else
+ {
+ if (strpos($input['default_login_redirection'], $home_url) !== 0)
+ {
+ if (strpos($input['default_login_redirection'], 'http') === 0)
+ {
+ $input['default_login_redirection'] = $home_url;
+
+ $error = __("The 'Login redirect URL' cannot point to a foreign page.", WPA0_LANG);
+ self::add_validation_error($error);
+ }
+ }
+
+ if (strpos($input['default_login_redirection'], 'action=logout') !== false)
+ {
+ $input['default_login_redirection'] = $home_url;
+
+ $error = __("The 'Login redirect URL' cannot point to the logout page.", WPA0_LANG);
+ self::add_validation_error($error);
+ }
+ }
+
  $error = "";
  $completeBasicData = true;
  if (empty($input["domain"]) ) {

lib/WP_Auth0_Options.php

@@ -60,6 +60,7 @@ private static function defaults(){
  'remember_last_login' => true,
  'custom_css' => '',
  'gravatar' => true,
+ 'default_login_redirection' => home_url(),
  );
  }
 }