Auth: Write the redirect cookie if denied - do not write a blank redirect (#57381)

* Write the redirect cookie if denied - do not write a blank redirect

* Remove redundant code, reverse polarity

pkg/middleware/auth.go

@@ -64,9 +64,12 @@ func writeRedirectCookie(c *models.ReqContext) {
 		redirectTo = setting.AppSubUrl + c.Req.RequestURI
 	}
 
+	if redirectTo == "/" {
+		return
+	}
+
 	// remove any forceLogin=true params
 	redirectTo = removeForceLoginParams(redirectTo)
-
 	cookies.WriteCookie(c.Resp, "redirect_to", url.QueryEscape(redirectTo), 0, nil)
 }
 

pkg/services/accesscontrol/middleware.go

@@ -84,6 +84,7 @@ func deny(c *models.ReqContext, evaluator Evaluator, err error) {
 
 	if !c.IsApiRequest() {
 		// TODO(emil): I'd like to show a message after this redirect, not sure how that can be done?
+		writeRedirectCookie(c)
 		c.Redirect(setting.AppSubUrl + "/")
 		return
 	}