movableink / doorman

HTTP Proxy + OAuth
MIT License

Custom redirects - what were the issues ? #24

Open kuahyeow opened 9 years ago

kuahyeow commented 9 years ago

Hi, we would like to resurrect the code and submit a PR based on https://github.com/movableink/doorman/commit/66b485f6e8d546967206477b3bc810b148058288 to enable redirects back to the URL before auth was required.

However, it seems that code was removed due to "some issues". Are you able to share a bit more?

mnutt commented 9 years ago

It's been a few years, and I actually can't remember the exact issue. I believe what happened was:

  1. user was on a page and their session expired
  2. page made an (expired) ajax call, req.session.redirectTo set to the ajax URL
  3. user reloads the page, sees the doorman login
  4. user logs in, gets redirected to the ajax URL.

I think this may be able to be remedied by only setting redirectURL for responses of type text/html.
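The remedy suggested in the comment above, sketched as an added example that is not part of the original thread or doorman's code: the pre-login URL is stored only for top-level page loads, so an expired ajax call cannot overwrite it. It goes one step beyond the comment by accepting only local paths as redirect targets. Assumptions: the request's `Accept` header is used as a stand-in for the response type, and every name except `req.session.redirectTo` is hypothetical.

```javascript
// Added example; every name except req.session.redirectTo is hypothetical.

// True for a top-level page load, false for XHR/fetch calls. Assumption: the
// request's Accept header stands in for "the response will be text/html".
function isPageNavigation(req) {
  const accept = String(req.headers['accept'] || '').toLowerCase();
  const xhr = String(req.headers['x-requested-with'] || '').toLowerCase() === 'xmlhttprequest';
  const wantsHtml = accept.split(',').some((t) => t.trim().startsWith('text/html'));
  return req.method === 'GET' && !xhr && wantsHtml;
}

// Accept only a local path ("/x"), not "//host", "/\host" or an absolute URL.
function isLocalPath(url) {
  return typeof url === 'string' && /^\/(?![\/\\])/.test(url) && !/[\r\n]/.test(url);
}

// Run on an unauthenticated request, before the login page is shown.
function rememberRedirect(req) {
  if (isPageNavigation(req) && isLocalPath(req.url)) {
    req.session.redirectTo = req.url;
  }
}

// Run after a successful login; the stored value is used once, then cleared.
function consumeRedirect(req, fallback = '/') {
  const target = req.session.redirectTo;
  delete req.session.redirectTo;
  return isLocalPath(target) ? target : fallback;
}

// Constructed replay of the four steps listed in the comment above.
function replayScenario() {
  const session = {}; // step 1: session expired, nothing stored
  const ajax = { method: 'GET', url: '/api/stats.json', session,
    headers: { accept: 'application/json, */*', 'x-requested-with': 'XMLHttpRequest' } };
  const reload = { method: 'GET', url: '/dashboard?tab=2', session,
    headers: { accept: 'text/html,application/xhtml+xml;q=0.9,*/*;q=0.8' } };
  rememberRedirect(ajax); // step 2: the expired ajax call is ignored
  const afterAjax = session.redirectTo;
  rememberRedirect(reload); // step 3: the page reload is remembered
  const afterReload = session.redirectTo;
  const redirect = consumeRedirect(reload); // step 4: login completes
  return { afterAjax, afterReload, redirect, left: session.redirectTo };
}
```

An ajax call that sends `Accept: text/html` without `X-Requested-With` would still be treated as a page load here, so the header check narrows the problem rather than eliminating it.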

kuahyeow commented 9 years ago

Okay, thanks for the info. I'll patch something up and try to submit a PR if it's looking good.