Auth: Write the redirect cookie if denied - do not write a blank redirect (#57381)

* Write the redirect cookie if denied - do not write a blank redirect * Remove redundant code, reverse polarity
2025-02-25 18:55:37 -06:00 · 2022-10-21 09:53:17 -05:00 · 2022-10-21 09:53:17 -05:00 · 5d7d54d076
commit 5d7d54d076
parent 98053cfde8
2 changed files with 5 additions and 1 deletions
--- a/pkg/middleware/auth.go
+++ b/pkg/middleware/auth.go
@ -64,9 +64,12 @@ func writeRedirectCookie(c *models.ReqContext) {
 		redirectTo = setting.AppSubUrl + c.Req.RequestURI
 	}

+	if redirectTo == "/" {
+		return
+	}
+
 	// remove any forceLogin=true params
 	redirectTo = removeForceLoginParams(redirectTo)
-
 	cookies.WriteCookie(c.Resp, "redirect_to", url.QueryEscape(redirectTo), 0, nil)
 }

--- a/pkg/services/accesscontrol/middleware.go
+++ b/pkg/services/accesscontrol/middleware.go
@ -84,6 +84,7 @@ func deny(c *models.ReqContext, evaluator Evaluator, err error) {

 	if !c.IsApiRequest() {
 		// TODO(emil): I'd like to show a message after this redirect, not sure how that can be done?
+		writeRedirectCookie(c)
 		c.Redirect(setting.AppSubUrl + "/")
 		return
 	}