I have been trying to do this for days now and cant seem to find any help on how to do is. I want the user after login to be redirected to a different page instead of the members landing page.
Try checking the code in User/AuthController after this comment Run post login hook. There are several ways to do a custom redirect here.
specify a return_url parameter in the link to login page. You can also 64-bit encode the redirect url so that it is compact.
Keep a session variable, namely Zend_Session_Namespace('Redirect')->uri
Write a post login hook onUserLoginAfter and pass a redirect parameter in its response.
If all else fails, hard-code the next line of code which redirects to home :P
Related
I have a question regarding the logout route. When you look at the Demo Page when the user is logged out, a 404 error is shown in the console, because the CMSPageGuard tries to fetch the non-existing Logout page from the Backend. This is a minor problem but doesn't seem intentional?
More so since the logic in the Logout guard redirects to either 'home' or 'login' in case the logout path doesn't exist.
Is the only workaround to not get the 404 error to add a logout page in the Backend, even though it is never shown?
In short, this is intentional. It is part of a feature that makes it easy for storefronts that do require the optional logout page to add it in the CMS and it will be picked up out of the box by the Spartacus logout logic.
You are right about what happens under the hood. If you look at the description of the LogoutGuard in the doc, the overall logic its described like so:
Takes care of routing the user to a logout page (if available) or redirects to the homepage. If the homepage is protected, the user is redirected to the login route instead.
To verify if a logout page is available, the LogoutGuard makes a request for it. If a logout page is not available, that request returns a 404 and this is what shows up in the browser dev tools.
As for preventing that these errors show in the log, there is for now no configuration that will turn this feature off. You might explore using a custom LogoutGuard and override the canActivate function, but I'm not 100% sure this is possible.
I want to use FirebaseUI in redirect mode, as opposed to the current popup mode I'm using. But I don't want to have a separate dedicated login URL, instead I want the user to be able to log in from any URL (using a custom dialog as the UI container for FirebaseUI).
The problem I run into is that when starting the login process, I show the dialog and the user selects their auth provider, gets redirected to the auth website, but then they are redirected back to the original URL on my website.
Now the UI container dialog is not displayed and firebaseUI.start() doesn't get called because the webpage doesn't know that the user is in the process of logging in. The result is that nothing happens - the user is halfway through the login process.
Is there any way I can specify a URL for the first redirect? I'm not talking about the final signInSuccessUrl config parameter, but something similar for the first redirect back to my website?
That way I'd be able to send the original URL that started the login process along with a flag or something that tells the webpage that the user is in the middle of a login flow so that it can display the login process UI container and call firebaseUI.start() to perform the last redirect.
You can start FirebaseUI from any URL but the underlying signInWithRedirect always return to the same URL. Calling start on redirect will complete the sign in. If you have some condition, where you don't always display the sign in UI, you can use some flag pendingRedirect which you save in sessionStorage and check before rendering the UI to complete the sign-in on return. You would clear that after rendering.
How can you redirect the page if the user does not logged in in velocity machine? for example when you visit a another page it will redirect to login page to view the that another page, do I need a conditonal on that?
I believe that you are using SpringFramework in your project.
You could simply add an interceptor to check whether the user has logged in or not and redirect him. You could also add a filter in web.xml file to do the same.
I need help figuring out how to allow users who login go back to the page that they were on before being sent to the login page. Here is a quote from my boss:
Sometimes I forget to sign in and I go to a page, click and get the
notice about joining or signing in. That is fine, but is there a way,
once I sign in to open the page I was trying to open prior to signing
in, instead of having to go through all the navigation again?
I'm using PHP to do this project.
Whatever mechanism forwards the user to the sign-in page should include the original page's URL as a parameter. Something like:
header('Location: http://example.com/login.php?redirectTo=' + urlencode($_SERVER['REQUEST_URI']));
Then the login.php page can redirect to that page after the user authenticates:
header('Location: ' . $_GET['redirectTo']);
You may want to put in some checking on the redirectTo value in login.php to make sure nobody's trying to do anything malicious, I suppose. Though I can't currently think of anything malicious they could do. (Though you would want to include a default if no URL was provided.)
But the general idea is that the authentication mechanism provides the login page with a redirect URL when it detects that the user needs to login.
Currently, I'm trying to integrate the OneDrive SDK onto a website. However, I'm having issue with redirecting with authentication.
Normal route:
User goes to the website. It clicks on a button to single sign onto there OneDrive
User gets redirected to OneDrive Authorization page.
Once authentication, user gets redirected to where they left off. This redirect is specified in the OneDrive's SDK account. However, it seems that they don't allow query params in the redirect URL.
Is there a way around this?
The only thing I could figure out is using a URL that is an alias for the URL with the query params, but that just seems like a hack solution. It's hard to believe that there isn't a way for a user to redirect with query params to indicate at what stage they left off on the site.
Example of invalid redirect url as http://skydpk.com/index.php?a=ap&addon=file_sharing&page=skydrive
Any advice appreciated, Thanks, D
You can pass extra parameters through the state parameter of the /authorize request. Onedrive/Skydrive will pass back the state parameter in the last redirect to you.
So if the redirect url is
http: //skydpk.com/index.php
then your first OAuth leg looks like this:
https://login.live.com/oauth20_authorize.srf?client_id=CLIENT_ID&scope=SCOPES&response_type=code&redirect_uri=http%3A%2F%2Fskydpk.com%2Findex.php&state=state=a%3Dap%26addon%3Dfile_sharing%26page%3Dskydrive
The last OAuth leg then looks like this:
http://skydpk.com/index.php?code=AUTH_CODE&state=a%3Dap%26addon%3Dfile_sharing%26page%3Dskydrive