diff options
-rw-r--r-- | modules/context/auth.go | 24 | ||||
-rw-r--r-- | routers/home.go | 6 |
2 files changed, 16 insertions, 14 deletions
diff --git a/modules/context/auth.go b/modules/context/auth.go index 5a4d351dc4..9d9bd81c75 100644 --- a/modules/context/auth.go +++ b/modules/context/auth.go @@ -44,21 +44,17 @@ func Toggle(options *ToggleOptions) macaron.Handler { return } - // prevent infinite redirection - // also make sure that the form cannot be accessed by - // users who don't need this - if ctx.Req.URL.Path == "/user/settings/change_password" { - if !ctx.User.MustChangePassword { - ctx.Redirect(setting.AppSubURL + "/") - } - return - } - if ctx.User.MustChangePassword { - ctx.Data["Title"] = ctx.Tr("auth.must_change_password") - ctx.Data["ChangePasscodeLink"] = setting.AppSubURL + "/user/change_password" - ctx.SetCookie("redirect_to", url.QueryEscape(setting.AppSubURL+ctx.Req.RequestURI), 0, setting.AppSubURL) - ctx.Redirect(setting.AppSubURL + "/user/settings/change_password") + if ctx.Req.URL.Path != "/user/settings/change_password" { + ctx.Data["Title"] = ctx.Tr("auth.must_change_password") + ctx.Data["ChangePasscodeLink"] = setting.AppSubURL + "/user/change_password" + ctx.SetCookie("redirect_to", url.QueryEscape(setting.AppSubURL+ctx.Req.RequestURI), 0, setting.AppSubURL) + ctx.Redirect(setting.AppSubURL + "/user/settings/change_password") + return + } + } else if ctx.Req.URL.Path == "/user/settings/change_password" { + // make sure that the form cannot be accessed by users who don't need this + ctx.Redirect(setting.AppSubURL + "/") return } } diff --git a/routers/home.go b/routers/home.go index bea0139111..437c569a79 100644 --- a/routers/home.go +++ b/routers/home.go @@ -7,6 +7,7 @@ package routers import ( "bytes" + "net/url" "strings" "code.gitea.io/gitea/models" @@ -44,6 +45,11 @@ func Home(ctx *context.Context) { log.Info("Failed authentication attempt for %s from %s", ctx.User.Name, ctx.RemoteAddr()) ctx.Data["Title"] = ctx.Tr("auth.prohibit_login") ctx.HTML(200, "user/auth/prohibit_login") + } else if ctx.User.MustChangePassword { + ctx.Data["Title"] = ctx.Tr("auth.must_change_password") + ctx.Data["ChangePasscodeLink"] = setting.AppSubURL + "/user/change_password" + ctx.SetCookie("redirect_to", url.QueryEscape(setting.AppSubURL+ctx.Req.RequestURI), 0, setting.AppSubURL) + ctx.Redirect(setting.AppSubURL + "/user/settings/change_password") } else { user.Dashboard(ctx) } |