Commit fb6e8008 authored by Alex Lossent's avatar Alex Lossent

Fix redirection after sign in when using auto_sign_in_with_provider

Logic for redirect path moved to a filter.
parent cd579cb2
...@@ -56,6 +56,7 @@ v 7.14.0 (unreleased) ...@@ -56,6 +56,7 @@ v 7.14.0 (unreleased)
- Include branch/tag name in archive file and directory name - Include branch/tag name in archive file and directory name
- Add dropzone upload progress - Add dropzone upload progress
- Add a label for merged branches on branches page (Florent Baldino) - Add a label for merged branches on branches page (Florent Baldino)
- Fix redirection after sign in when using auto_sign_in_with_provider
v 7.13.3 v 7.13.3
- Fix bug causing Bitbucket importer to crash when OAuth application had been removed. - Fix bug causing Bitbucket importer to crash when OAuth application had been removed.
......
...@@ -2,27 +2,10 @@ class SessionsController < Devise::SessionsController ...@@ -2,27 +2,10 @@ class SessionsController < Devise::SessionsController
include AuthenticatesWithTwoFactor include AuthenticatesWithTwoFactor
prepend_before_action :authenticate_with_two_factor, only: [:create] prepend_before_action :authenticate_with_two_factor, only: [:create]
prepend_before_action :store_redirect_path, only: [:new]
before_action :auto_sign_in_with_provider, only: [:new] before_action :auto_sign_in_with_provider, only: [:new]
def new def new
redirect_path =
if request.referer.present? && (params['redirect_to_referer'] == 'yes')
referer_uri = URI(request.referer)
if referer_uri.host == Gitlab.config.gitlab.host
referer_uri.path
else
request.fullpath
end
else
request.fullpath
end
# Prevent a 'you are already signed in' message directly after signing:
# we should never redirect to '/users/sign_in' after signing in successfully.
unless redirect_path == new_user_session_path
store_location_for(:redirect, redirect_path)
end
if Gitlab.config.ldap.enabled if Gitlab.config.ldap.enabled
@ldap_servers = Gitlab::LDAP::Config.servers @ldap_servers = Gitlab::LDAP::Config.servers
end end
...@@ -55,6 +38,26 @@ class SessionsController < Devise::SessionsController ...@@ -55,6 +38,26 @@ class SessionsController < Devise::SessionsController
User.find(session[:otp_user_id]) User.find(session[:otp_user_id])
end end
end end
def store_redirect_path
redirect_path =
if request.referer.present? && (params['redirect_to_referer'] == 'yes')
referer_uri = URI(request.referer)
if referer_uri.host == Gitlab.config.gitlab.host
referer_uri.path
else
request.fullpath
end
else
request.fullpath
end
# Prevent a 'you are already signed in' message directly after signing:
# we should never redirect to '/users/sign_in' after signing in successfully.
unless redirect_path == new_user_session_path
store_location_for(:redirect, redirect_path)
end
end
def authenticate_with_two_factor def authenticate_with_two_factor
user = self.resource = find_user user = self.resource = find_user
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment