diff options
| author | blizzz <blizzz@arthur-schiwon.de> | 2017-04-25 13:15:53 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-04-25 13:15:53 +0200 |
| commit | 026070a2fc3b766f9d686c50c358b6f03462ad18 (patch) | |
| tree | 409294bf18780fa47e1e1bd1c9c1ad99f129abbb | |
| parent | 133f3fdc9aec28383dba323d58569eddd160b0df (diff) | |
| parent | bb1d191f82bffc9bbb9243f8fce46f1b62a8f780 (diff) | |
| download | nextcloud-server-026070a2fc3b766f9d686c50c358b6f03462ad18.tar.gz nextcloud-server-026070a2fc3b766f9d686c50c358b6f03462ad18.zip | |
Merge pull request #4484 from nextcloud/fix/logincontroller-redirect-url-failed-login
Fix remember redirect_url on failed login attempts
| -rw-r--r-- | core/Controller/LoginController.php | 3 | ||||
| -rw-r--r-- | tests/Core/Controller/LoginControllerTest.php | 10 |
2 files changed, 9 insertions, 4 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index 9f8b2b75fd0..691d74cdc60 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -240,6 +240,9 @@ class LoginController extends Controller { if ($loginResult === false) { // Read current user and append if possible - we need to return the unmodified user otherwise we will leak the login name $args = !is_null($user) ? ['user' => $originalUser] : []; + if (!is_null($redirect_url)) { + $args['redirect_url'] = $redirect_url; + } $response = new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args)); $response->throttle(); $this->session->set('loginMessages', [ diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php index c9ab8e7476d..ca32a04efe1 100644 --- a/tests/Core/Controller/LoginControllerTest.php +++ b/tests/Core/Controller/LoginControllerTest.php @@ -23,7 +23,6 @@ namespace Tests\Core\Controller; use OC\Authentication\TwoFactorAuth\Manager; use OC\Core\Controller\LoginController; -use OC\Security\Bruteforce\Throttler; use OC\User\Session; use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\Http\TemplateResponse; @@ -281,7 +280,7 @@ class LoginControllerTest extends TestCase { public function testLoginWithInvalidCredentials() { $user = 'MyUserName'; $password = 'secret'; - $loginPageUrl = 'some url'; + $loginPageUrl = '/login?redirect_url=/apps/files'; $this->request ->expects($this->once()) @@ -292,7 +291,10 @@ class LoginControllerTest extends TestCase { ->will($this->returnValue(false)); $this->urlGenerator->expects($this->once()) ->method('linkToRoute') - ->with('core.login.showLoginForm') + ->with('core.login.showLoginForm', [ + 'user' => 'MyUserName', + 'redirect_url' => '/apps/files', + ]) ->will($this->returnValue($loginPageUrl)); $this->userSession->expects($this->never()) @@ -304,7 +306,7 @@ class LoginControllerTest extends TestCase { $expected = new \OCP\AppFramework\Http\RedirectResponse($loginPageUrl); $expected->throttle(); - $this->assertEquals($expected, $this->loginController->tryLogin($user, $password, '')); + $this->assertEquals($expected, $this->loginController->tryLogin($user, $password, '/apps/files')); } public function testLoginWithValidCredentials() { |