Support accessing the MultifactorAuthenticationForm when logged in

author Tim Düsterhus <duesterhus@woltlab.com>

Tue, 17 Nov 2020 10:10:41 +0000 (11:10 +0100)

committer Tim Düsterhus <duesterhus@woltlab.com>

Wed, 18 Nov 2020 12:56:39 +0000 (13:56 +0100)
author Tim Düsterhus <duesterhus@woltlab.com>
Tue, 17 Nov 2020 10:10:41 +0000 (11:10 +0100)
committer Tim Düsterhus <duesterhus@woltlab.com>
Wed, 18 Nov 2020 12:56:39 +0000 (13:56 +0100)
diff --git a/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php b/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php

index c8041e8e5d81469cfbe47074ae5dbb106d1d3796..eb2e74391024cd2f7ab9f2dc8768b7387616e5f0 100644 (file)
--- a/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php
+++ b/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php
@@ -65,6 +65,14 @@ class MultifactorAuthenticationForm extends AbstractFormBuilderForm {
         public function readParameters() {
                 parent::readParameters();
                 
+               if (!empty($_GET['url']) && ApplicationHandler::getInstance()->isInternalURL($_GET['url'])) {
+                       $this->redirectUrl = $_GET['url'];
+               }
+               
+               if (WCF::getUser()->userID) {
+                       $this->performRedirect();
+               }
+               
                 $this->user = WCF::getSession()->getPendingUserChange();
                 if (!$this->user) {
                         throw new PermissionDeniedException();
@@ -94,10 +102,6 @@ class MultifactorAuthenticationForm extends AbstractFormBuilderForm {
                 \assert($this->method->getDefinition()->definitionName === 'com.woltlab.wcf.multifactor');
                 
                 $this->processor = $this->method->getProcessor();
-               
-               if (!empty($_GET['url']) && ApplicationHandler::getInstance()->isInternalURL($_GET['url'])) {
-                       $this->redirectUrl = $_GET['url'];
-               }
         }
         
         /**
@@ -131,6 +135,13 @@ class MultifactorAuthenticationForm extends AbstractFormBuilderForm {
         public function saved() {
                 AbstractForm::saved();
                 
+               $this->performRedirect();
+       }
+       
+       /**
+        * Returns to the redirectUrl if given and to the landing page otherwise.
+        */
+       protected function performRedirect() {
                 if ($this->redirectUrl) {
                         HeaderUtil::redirect($this->redirectUrl);
                 }
author	Tim Düsterhus <duesterhus@woltlab.com>
	Tue, 17 Nov 2020 10:10:41 +0000 (11:10 +0100)
committer	Tim Düsterhus <duesterhus@woltlab.com>
	Wed, 18 Nov 2020 12:56:39 +0000 (13:56 +0100)