fix(routing): prevent login redirect loops on alias targets
This commit is contained in:
@@ -251,6 +251,7 @@ final class ModuleRegistry
|
||||
$this->mergedRoutes[] = $route;
|
||||
if (!empty($route['public'])) {
|
||||
$this->mergedPublicPaths[] = $path;
|
||||
$this->mergedPublicPaths[] = $target;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -82,7 +82,9 @@ class AccessControl
|
||||
}
|
||||
|
||||
$locale = I18n::$locale ?? I18n::$defaultLocale;
|
||||
$loginPath = Request::withLocale('login', $locale);
|
||||
// Use the concrete target route. Minty alias rewrites compare the full
|
||||
// REQUEST_URI (including query), so alias paths with query params are fragile.
|
||||
$loginPath = Request::withLocale('auth/login', $locale);
|
||||
|
||||
$requestUri = $_SERVER['REQUEST_URI'] ?? '';
|
||||
$loginTarget = $this->intendedUrlService->buildLoginRedirect($loginPath, $requestUri);
|
||||
|
||||
@@ -73,6 +73,7 @@ final class RouteCatalog
|
||||
|
||||
if ($isPublic) {
|
||||
$publicPaths[] = $path;
|
||||
$publicPaths[] = $target;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -97,10 +97,10 @@ class UserAccessTemplateService
|
||||
}
|
||||
$tenantSlug = $this->tenantSsoService->tenantLoginSlug($tenant);
|
||||
if ($tenantSlug !== '') {
|
||||
return appUrl(Request::withLocale('login?tenant=' . rawurlencode($tenantSlug), $locale));
|
||||
return appUrl(Request::withLocale('auth/login?tenant=' . rawurlencode($tenantSlug), $locale));
|
||||
}
|
||||
}
|
||||
|
||||
return appUrl(Request::withLocale('login', $locale));
|
||||
return appUrl(Request::withLocale('auth/login', $locale));
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user