Fixing redirection issue for logged-in users (#26105)

This PR addresses an issue where logged-in users get redirected to the homepage when trying to access a URL with the redirect_to parameter. The issue was traced back to a middleware function in services/auth/middleware.go that redirects logged-in users to the homepage. This function didn't account the redirect_to parameter. The fix modifies the middleware function to check for this case and redirect the user to the specified URL instead of the homepage. Closes: #26005 --------- Signed-off-by: cassiozareck <cassiomilczareck@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
go-gitea · Jul 27, 2023 · 73fb1ec · 73fb1ec
1 parent c6975e5
commit 73fb1ec
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/routers/web/web.go b/routers/web/web.go
@@ -374,8 +374,9 @@ func registerRoutes(m *web.Route) {
 	m.Get("/milestones", reqSignIn, reqMilestonesDashboardPageEnabled, user.Milestones)
 
 	// ***** START: User *****
+	// "user/login" doesn't need signOut, then logged-in users can still access this route for redirection purposes by "/user/login?redirec_to=..."
+	m.Get("/user/login", auth.SignIn)
 	m.Group("/user", func() {
-		m.Get("/login", auth.SignIn)
 		m.Post("/login", web.Bind(forms.SignInForm{}), auth.SignInPost)
 		m.Group("", func() {
 			m.Combo("/login/openid").