fix: do not redirect on favicon and keep query in redirect after login

c0cd0c7c · Nicolas Pernoud · 08cd35cc · c0cd0c7c · c0cd0c7c
Commit c0cd0c7c authored Jun 23, 2021 by Nicolas Pernoud
--- a/pkg/auth/auth.go
+++ b/pkg/auth/auth.go
@@ -80,8 +80,8 @@ func ValidateAuthMiddleware(next http.Handler, allowedRoles []string, checkXSRF
 				redirectTo += ":" + port
 			}
 			// Write the requested url in a cookie
-			if r.Host != redirectTo {
+			if r.Host != redirectTo && r.URL.Path != "/favicon.ico" {
-				cookie := http.Cookie{Name: "redirectAfterLogin", Domain: hostname, Value: r.Host + r.URL.Path, MaxAge: 30, Secure: true, HttpOnly: false, SameSite: http.SameSiteLaxMode}
+				cookie := http.Cookie{Name: "redirectAfterLogin", Path: "/", Domain: hostname, Value: r.Host + r.URL.Path + "?" + r.URL.RawQuery, MaxAge: 30, Secure: true, HttpOnly: false, SameSite: http.SameSiteLaxMode}
 				http.SetCookie(w, &cookie)
 			}
 			w.Header().Set("Content-Type", "text/html")

--- a/web/services/auth/auth.js
+++ b/web/services/auth/auth.js
@@ -20,7 +20,7 @@ export async function GetUser() {
      const redirectAfterLogin = document.cookie
        .split("; ")
        .find((row) => row.startsWith("redirectAfterLogin="))
-        .split("=")[1];
+        .split(/=(.+)/)[1];
      if (redirectAfterLogin != "" && redirectAfterLogin != null) {
        window.location.replace("https://" + redirectAfterLogin);