fix(routing): prevent login redirect loops on alias targets

This commit is contained in:
2026-04-26 10:20:28 +02:00
parent d0544d3428
commit dffc4db9a2
7 changed files with 149 additions and 4 deletions

View File

@@ -251,6 +251,7 @@ final class ModuleRegistry
$this->mergedRoutes[] = $route;
if (!empty($route['public'])) {
$this->mergedPublicPaths[] = $path;
$this->mergedPublicPaths[] = $target;
}
}

View File

@@ -82,7 +82,9 @@ class AccessControl
}
$locale = I18n::$locale ?? I18n::$defaultLocale;
$loginPath = Request::withLocale('login', $locale);
// Use the concrete target route. Minty alias rewrites compare the full
// REQUEST_URI (including query), so alias paths with query params are fragile.
$loginPath = Request::withLocale('auth/login', $locale);
$requestUri = $_SERVER['REQUEST_URI'] ?? '';
$loginTarget = $this->intendedUrlService->buildLoginRedirect($loginPath, $requestUri);

View File

@@ -73,6 +73,7 @@ final class RouteCatalog
if ($isPublic) {
$publicPaths[] = $path;
$publicPaths[] = $target;
}
}

View File

@@ -97,10 +97,10 @@ class UserAccessTemplateService
}
$tenantSlug = $this->tenantSsoService->tenantLoginSlug($tenant);
if ($tenantSlug !== '') {
return appUrl(Request::withLocale('login?tenant=' . rawurlencode($tenantSlug), $locale));
return appUrl(Request::withLocale('auth/login?tenant=' . rawurlencode($tenantSlug), $locale));
}
}
return appUrl(Request::withLocale('login', $locale));
return appUrl(Request::withLocale('auth/login', $locale));
}
}