search

CakeDC / users

Users Plugin for CakePHP
https://www.cakedc.com
Other
521 stars 296 forks source link

[9.0.0] probleme when not authorized #850

Closed cri-tech closed 4 years ago

cri-tech commented 4 years ago

Hello,

I have a problem with the redirect url when a user isn't authorized, i added this in my user.php : 

'AuthorizationMiddleware' => [
            'unauthorizedHandler' => [
                'exceptions' => [
                    'MissingIdentityException' => 'Authorization\Exception\MissingIdentityException',
                    'ForbiddenException' => 'Authorization\Exception\ForbiddenException',
                ],
                'className' => 'Authorization.CakeRedirect',
///////////--------------------------------------------             
                // -- define the Url for unauthorized :
                     'url'=>[
                         'plugin' => null,
                         'controller' => '',
                         'action' => 'login',
                     ]
                // -- define the name for param of redirect:
                    'queryParam' => 'redirect',
///////////--------------------------------------------
            ]
        ],

it solved the first redirection to the login form but i still have a problem with the redirection after the login step.

i'm on a subfolder and the redirect url look's like : http://my.url/cakephp4/login?redirect=http%3A%2F%2Fmy.url%2Fmycontroller%2Fedit%2F6 but it should be : http://my.url/cakephp4/login?redirect=http%3A%2F%2Fmy.url%2Fcakephp4%2Fmycontroller%2Fedit%2F6

looks like the function in vendor\cakephp\authorization\src\Middleware\UnauthorizedHandler\CakeRedirectHandler.php : 

protected function getUrl(ServerRequestInterface $request, array $options): string
    {
        $url = $options['url'];
        if ($options['queryParam'] !== null) {
            $url['?'][$options['queryParam']] = (string)$request->getUri(); <- here
        }

        return Router::url($url);
    }

don't return the good value for the redirect.

rochamarcelo commented 4 years ago

The issue should be discussed at https://github.com/cakephp/authorization

rochamarcelo commented 4 years ago

@cri-tech could you open an issue at https://github.com/cakephp/authorization?