Skip to content

[Web] redirect deep links to the matching login page#7349

Open
smpaz7467 wants to merge 1 commit into
mailcow:stagingfrom
smpaz7467:fix/login-redirect-deeplink
Open

[Web] redirect deep links to the matching login page#7349
smpaz7467 wants to merge 1 commit into
mailcow:stagingfrom
smpaz7467:fix/login-redirect-deeplink

Conversation

@smpaz7467

Copy link
Copy Markdown

What

An unauthenticated request to a deep link like /admin/dashboard redirected to /
(the user login) instead of the admin login. protect_route() sent every
unauthenticated visitor to / regardless of which area the link belonged to.

Fix

Choose the login page from the request path in the unauthenticated branch of
protect_route():

  • /admin/*/admin
  • /domainadmin/*/domainadmin
  • everything else → / (unchanged)

Verification (live stack, unauthenticated curl)

deep link before after
/admin/dashboard / /admin
/admin/mailbox / /admin
/domainadmin/mailbox / /domainadmin
/user / / (unchanged)

php -l clean.

Scope

This lands deep links on the correct login page, as the issue asks. It does not
implement the reporter's optional "redirect back to the originally requested URL
after login" idea — that's a larger change (persisting and validating a return URL)
and better handled separately.

Fixes #7284

An unauthenticated request to a deep link such as /admin/dashboard was
redirected to /, the user login, instead of the admin login. protect_route
always sent unauthenticated visitors to /.

Pick the login page from the request path: /admin/* redirects to /admin,
/domainadmin/* to /domainadmin, everything else to / as before.

Fixes mailcow#7284

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant