Preferences redirect routes don't survive a login


(Allen - Watchman Monitoring) #1

Continuing the discussion from Reference generic Preferences link?:

The following two URLs work fine when logged in, but silently stay at the login screen on a site that doesn’t require login.

http://try.discourse.org/email_preferences
or
http://try.discourse.org/user_preferences

On sites which do require login, users are brought to the login screen, then left at the homepage after login.

In both cases, I would expect to be prompted to login, and then brought to the relevant preference page.


(Jeff Atwood) #2

This is more of a general case of login not preserving the url used to get to the private resource. It also affects private category links. It is on @neil’s list.


(James Milligan) #3

Sorry for the bump, but this is still a bug from what I can see - could this be bumped up @neil’s list at all?


(Jeff Atwood) #4

No. Right now @neil is focused on billing, and our survival as a company requires income. We will get to it eventually.


(Allen - Watchman Monitoring) #5

in my private forum, clicking the /my/preferences route takes the user to a login page.

In a public forum, such as try, the page is a bit less forgiving, ending in The page you requested doesn't exist or is private.

Demo


Is /my URL routing considered a secret hidden feature?
(Anthony) #6

This breaks pretty much every URL for a private forum if the user is not logged in. It is a very bad experience to click a url log in and than be dumped onto the home page instead of the actual thread. I would be willing to help with this if you point me in the right direction.


(James Milligan) #7

Pretty sure this was fixed the other day, haven’t had a chance to test yet though:

https://github.com/discourse/discourse/commit/9f8e73303a6a49ffb70e9a377b424e6915f8fdb1


(Anthony) #8

Thanks! Pretty great when ever something is fixed in master.

Seems this will only work when using the log in form. For SSO, would we need to read the cookie at this point too?

Also, not sure if it works for oauth.


(Jeff Atwood) #9