Redirect after login?

[helmutkaufmann]

In a plugin, I am checking if a user is logged in as backend user using

if (!BackendAuth::getUser()) {
    		  return Redirect::to('backend/backend/auth/signin')->with('message', 'Login Failed');
    	}

and then redirect to the backend login page. Is there a way to send him to a specific url, say /docadmin automatically after the user has logged into the backend from that plugin (if the user logs into the backend directly, I would like to still log the person into the backend dashboard)?

[WebVPF]

Events?
https://wintercms.com/docs/v1.2/docs/events/introduction

[helmutkaufmann]

Yes, but that event should only trigger if it has been a redirect from /docadmin...

[LukeTowers]

Yes, just call Redirect::setIntendedUrl('/docadmin'); before generating / returning the redirect.

So your code would look like (also you should use the Backend helper to take into account the configured backend uri).

if (!BackendAuth::getUser()) {
    Redirect::setIntendedUrl('/docadmin');
    return Backend::redirect('backend/auth/signin')->with('message', 'Login Failed');
}

The last step of the login process calls Backend::redirectIntended() which calls Redirect::intended().

[helmutkaufmann]

Hallo Luke. Hope you are well. I have added the above to the onRun code of the plugin. It redirects to the login page but then goes to the backend dashboard.
If I look at the class Auth, the last statement of signin_onSubmit is

// Redirect to the intended page after successful sign in
 return Backend::redirectIntended('backend');

So, it seems to always redirects to backend?

I should perhaps note that /docadmin is a frontend page.

[LukeTowers]

The redirectIntended() method is supposed to check the value set in the session (check the underlying Illuminate\Routing\Redirector class) and only if none is set then redirect to the default provided (in this case 'backend').

I'd recommend doing some debugging to see if the underlying session value is getting clobbered at some point between when you call Redirect::setIntended() and when the call to Backend::redirectIntended() is made. I would also check to make sure that you don't accidentally have a redirect loop in the /docadmin page that would send the user back to the login / dashboard page after being logged in.

[helmutkaufmann]

Interesting....

 public function onRun()
    {
        EventLog::add("Mercator Portfolio onRun called in : " . __FILE__ . " at " . microtime());
		
    	// Simple authorization - only backend users can  manage the portfolio
    	if (!BackendAuth::getUser()) {
			  
			  Redirect::setIntendedUrl("/docadmin");
			  EventLog::add("Mercator Portfolio onRun - user is NOT authorized - redirecting to login page with rediredct to *" . Redirect::getIntendedUrl() . " *** " . $this->currentPageUrl() . "* in : " . __FILE__ . " at " . microtime());
              return Backend::redirect('backend/auth/signin'); // ->with('message', 'Login Failed');
    	}

I would have excepted Redirect::getIntendedUrl() to result into /docadmin but it is https://mercator.li/backend/backend ...

[LukeTowers]

@helmutkaufmann it should be this one: https://github.com/laravel/framework/blob/0f1df957b057b64fd58727da5d1f6d7bd552ea95/src/Illuminate/Routing/Redirector.php#L96

[helmutkaufmann]

Laravel 10?

[helmutkaufmann]

I have added a log statement the Redicrector function of Laravel 9...

public function intended($default = '/', $status = 302, $headers = [], $secure = null)
    {
        $path = $this->session->pull('url.intended', $default);

        EventLog::add("*** intended *** " . $path);

        return $this->to($path, $status, $headers, $secure);
    }

The code fragement in the onRun function of my component reads

if (!BackendAuth::getUser()) { 
			  Redirect::setIntendedUrl($this->currentPageUrl()); 
			  EventLog::add("Mercator Portfolio onRun - user is NOT authorized - redirecting to login page with rediredct to *" . Redirect::getIntendedUrl() . " *** " . $this->currentPageUrl() . "* in : " . __FILE__ . " at " . microtime());
              return Backend::redirect('backend/auth/signin'); // ->with('message', 'Login Failed');
    	}

The public function intended as per the above does not get called.

[LukeTowers]

@helmutkaufmann is this still an issue?

[helmutkaufmann]

Yes, the challenge is still the same.