
Fixed infinite redirects for authenticated users accessing login page.

ADmad 12 years ago
parent
commit
4dbf9107a8

+ 11 - 13
lib/Cake/Controller/Component/AuthComponent.php

@@ -304,7 +304,10 @@ class AuthComponent extends Component {
 			return $this->_unauthenticated($controller);
 		}
 
-		if (empty($this->authorize) || $this->isAuthorized($this->user())) {
+		if ($this->_isLoginAction($controller) ||
+			empty($this->authorize) ||
+			$this->isAuthorized($this->user())
+		) {
 			return true;
 		}
 
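Review bot: The new first operand of this condition returns true for any authenticated user on the login action without consulting the configured `authorize` objects, and nothing in the code records that this exemption is deliberate. A short comment above the `if` would keep a later refactor from treating it as an accident, for example `// Login action is exempt from authorization so a logged-in user is not redirected back to it in a loop.` The exemption is only as narrow as the match in `_isLoginAction()`, so that helper's comparison should stay exact. The enclosing method starts and ends outside this hunk.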
@@ -347,6 +350,11 @@ class AuthComponent extends Component {
 		}
 
 		if ($this->_isLoginAction($controller)) {
+			if (empty($controller->request->data)) {
+				if (!$this->Session->check('Auth.redirect') && env('HTTP_REFERER')) {
+					$this->Session->write('Auth.redirect', $controller->referer(null, true));
+				}
+			}
 			return true;
 		}
 
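Review bot: The value written to `Auth.redirect` in the added lines comes from the request's Referer header, which the client controls, and the only thing keeping it on-site is the `true` second argument to `referer()` (documented as restricting the result to the local server). That dependency deserves a comment so the argument is not dropped later, for example `// Referer is client-supplied; local = true keeps the stored post-login redirect on this host.` The two nested `if`s could also be merged into one condition, `if (empty($controller->request->data) && !$this->Session->check('Auth.redirect') && env('HTTP_REFERER')) {`, which reads more easily now that the block is no longer inside `_isLoginAction()`. The enclosing method's signature is outside this hunk.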
@@ -367,9 +375,7 @@ class AuthComponent extends Component {
 	}
 
 /**
- * Normalizes $loginAction and checks if current request url is same as login
- * action. If current url is same as login action, referrer url is saved in session
- * which is later accessible using redirectUrl().
+ * Normalizes $loginAction and checks if current request url is same as login action.
  *
  * @param Controller $controller A reference to the controller object.
  * @return boolean True if current action is login action else false.
@@ -382,15 +388,7 @@ class AuthComponent extends Component {
 		$url = Router::normalize($url);
 		$loginAction = Router::normalize($this->loginAction);
 
-		if ($loginAction == $url) {
-			if (empty($controller->request->data)) {
-				if (!$this->Session->check('Auth.redirect') && env('HTTP_REFERER')) {
-					$this->Session->write('Auth.redirect', $controller->referer(null, true));
-				}
-			}
-			return true;
-		}
-		return false;
+		return $loginAction === $url;
 	}
 
 /**

+ 22 - 0
lib/Cake/Test/Case/Controller/Component/AuthComponentTest.php

@@ -877,6 +877,28 @@ class AuthComponentTest extends CakeTestCase {
 	}
 
 /**
+ * testNoLoginRedirectForAuthenticatedUser method
+ *
+ * @return void
+ */
+	public function testNoLoginRedirectForAuthenticatedUser() {
+		$this->Controller->request['controller'] = 'auth_test';
+		$this->Controller->request['action'] = 'login';
+		$this->Controller->here = '/auth_test/login';
+		$this->Auth->request->url = 'auth_test/login';
+
+		$this->Auth->Session->write('Auth.User.id', '1');
+		$this->Auth->authenticate = array('Form');
+		$this->getMock('BaseAuthorize', array('authorize'), array(), 'NoLoginRedirectMockAuthorize', false);
+		$this->Auth->authorize = array('NoLoginRedirectMockAuthorize');
+		$this->Auth->loginAction = array('controller' => 'auth_test', 'action' => 'login');
+
+		$return = $this->Auth->startup($this->Controller);
+		$this->assertTrue($return);
+		$this->assertNull($this->Controller->testUrl);
+	}
+
+/**
  * Default to loginRedirect, if set, on authError.
  *
  * @return void
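Review bot: The test shows that authorization is skipped only implicitly: the mocked `authorize()` is left unstubbed, so it presumably returns null and `startup()` can only return true if the authorizer is never consulted. Stating that in a comment above the `getMock()` call would make the intent clear, for example `// authorize() is unstubbed and returns null; startup() returning true proves the login action bypasses authorization.` This hunk also adds no test for the relocated `Auth.redirect` write for an unauthenticated visitor arriving with a Referer. Unless an existing case outside this hunk covers it, a companion test asserting the stored value is a local URL would pin that behaviour.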