diff options
author | Filipa Lacerda <filipa@gitlab.com> | 2017-10-10 09:05:53 +0100 |
---|---|---|
committer | Filipa Lacerda <filipa@gitlab.com> | 2017-10-10 09:05:53 +0100 |
commit | abdfe58503d26137ee0cb3cc17dcbdedcb93d57c (patch) | |
tree | 4f1132f9aa61d5ecb53ebe7fe16b531e5968b232 /app/controllers/sessions_controller.rb | |
parent | 058381b6a5a331a85389d12e032117621bab19cc (diff) | |
parent | 43b692cb4b43a476862fb6e7bf4c09edd6035077 (diff) | |
download | gitlab-ce-38869-ci-global.tar.gz |
Merge branch 'master' into 38869-ci-global38869-ci-global
* master: (116 commits)
Fix bad type checking to prevent 0 count badge to be shown
fix incorrect description for advanced settings section of project settings
Introduce new hook data builders for Issue and MergeRequest
Don't create todos for old issue assignees
Start adding Gitlab::HookData::IssuableBuilder
Include the changes in issuable webhook payloads
Rename the `codeclimate` job to `codequality`
Don't show an "Unsubscribe" link in snippet comment notifications
Add QA::Scenario::Gitlab::Group::Create
Removes CommitsList from global namespace
Fix wiki empty page translation namespace not being removed
Fixes mini graph in commit view
Fix link to new i18n index page
Update i18n docs
Move i18n/introduction to i18n/index
Resolve "Simple documentation update - backup to restore in restore section"
Remove AjaxLoadingSpinner and CreateLabelDropdown from global namespace
Move cycle analytics banner into a vue file
Updated Icons + Fix for Collapsed Groups Angle
Don't create fork networks for root projects that are deleted
...
Diffstat (limited to 'app/controllers/sessions_controller.rb')
-rw-r--r-- | app/controllers/sessions_controller.rb | 37 |
1 files changed, 22 insertions, 15 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index ada91694fd6..c01be42c3ee 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -8,8 +8,7 @@ class SessionsController < Devise::SessionsController prepend_before_action :check_initial_setup, only: [:new] prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create] - prepend_before_action :store_redirect_path, only: [:new] - + prepend_before_action :store_redirect_uri, only: [:new] before_action :auto_sign_in_with_provider, only: [:new] before_action :load_recaptcha @@ -86,28 +85,36 @@ class SessionsController < Devise::SessionsController end end - def store_redirect_path - redirect_path = + def stored_redirect_uri + @redirect_to ||= stored_location_for(:redirect) + end + + def store_redirect_uri + redirect_uri = if request.referer.present? && (params['redirect_to_referer'] == 'yes') - referer_uri = URI(request.referer) - if referer_uri.host == Gitlab.config.gitlab.host - referer_uri.request_uri - else - request.fullpath - end + URI(request.referer) else - request.fullpath + URI(request.url) end # Prevent a 'you are already signed in' message directly after signing: # we should never redirect to '/users/sign_in' after signing in successfully. - unless URI(redirect_path).path == new_user_session_path - store_location_for(:redirect, redirect_path) - end + return true if redirect_uri.path == new_user_session_path + + redirect_to = redirect_uri.to_s if redirect_allowed_to?(redirect_uri) + + @redirect_to = redirect_to + store_location_for(:redirect, redirect_to) + end + + # Overridden in EE + def redirect_allowed_to?(uri) + uri.host == Gitlab.config.gitlab.host && + uri.port == Gitlab.config.gitlab.port end def two_factor_enabled? - find_user.try(:two_factor_enabled?) + find_user&.two_factor_enabled? end def auto_sign_in_with_provider |