Merge branch '3535-group-sync-fix' into development

[bookstack] / app / Http / Controllers / Auth / LoginController.php

diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 695bfa28d47f14948f7766b517f96c37666556fe..f1a1a8bd6930bbc2cbf5f6b1e0f268d9dfefcaa5 100644 (file)
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -32,10 +32,9 @@ class LoginController extends Controller
      */
     protected $redirectTo = '/';
     protected $redirectPath = '/';
      */
     protected $redirectTo = '/';
     protected $redirectPath = '/';

-    protected $redirectAfterLogout = '/';

 
 

-    protected $socialAuthService;
-    protected $loginService;
+    protected SocialAuthService $socialAuthService;
+    protected LoginService $loginService;

 
     /**
      * Create a new controller instance.
 
     /**
      * Create a new controller instance.


@@ -50,7 +49,6 @@ class LoginController extends Controller
         $this->loginService = $loginService;
 
         $this->redirectPath = url('/');
         $this->loginService = $loginService;
 
         $this->redirectPath = url('/');

-        $this->redirectAfterLogout = url(config('auth.auto_redirect') ? '/login?logout=1' : '/');

     }
 
     public function username()
     }
 
     public function username()


@@ -73,7 +71,7 @@ class LoginController extends Controller
     {
         $socialDrivers = $this->socialAuthService->getActiveDrivers();
         $authMethod = config('auth.method');
     {
         $socialDrivers = $this->socialAuthService->getActiveDrivers();
         $authMethod = config('auth.method');

-        $autoRedirect = config('auth.auto_redirect');
+        $preventInitiation = $request->get('prevent_auto_init') === 'true';

 
         if ($request->has('email')) {
             session()->flashInput([
 
         if ($request->has('email')) {
             session()->flashInput([


@@ -85,8 +83,8 @@ class LoginController extends Controller
         // Store the previous location for redirect after login
         $this->updateIntendedFromPrevious();
 
         // Store the previous location for redirect after login
         $this->updateIntendedFromPrevious();
 

-        if ($autoRedirect && !($request->has('logout') && $request->get('logout') == '1') && count($socialDrivers) == 0 && in_array($authMethod, ['oidc', 'saml2'])) {
-            return view('auth.login-redirect', [
+        if (!$preventInitiation && $this->shouldAutoInitiate()) {
+            return view('auth.login-initiate', [

                 'authMethod'    => $authMethod,
             ]);
         }
                 'authMethod'    => $authMethod,
             ]);
         }


@@ -259,6 +257,18 @@ class LoginController extends Controller
         redirect()->setIntendedUrl($previous);
     }
 
         redirect()->setIntendedUrl($previous);
     }
 

+    /**
+     * Check if login auto-initiate should be valid based upon authentication config.
+     */
+    protected function shouldAutoInitiate(): bool
+    {
+        $socialDrivers = $this->socialAuthService->getActiveDrivers();
+        $authMethod = config('auth.method');
+        $autoRedirect = config('auth.auto_initiate');
+
+        return $autoRedirect && count($socialDrivers) === 0 && in_array($authMethod, ['oidc', 'saml2']);
+    }
+

     /**
      * Logout user and perform subsequent redirect.
      *
     /**
      * Logout user and perform subsequent redirect.
      *


@@ -270,6 +280,8 @@ class LoginController extends Controller
     {
         $this->traitLogout($request);
 
     {
         $this->traitLogout($request);
 

-        return redirect($this->redirectAfterLogout);
+        $redirectUri = $this->shouldAutoInitiate() ? '/login?prevent_auto_init=true' : '/';
+
+        return redirect($redirectUri);

     }
 }
     }
 }