Add support for redirectUrl to MultifactorAuthenticationForm

diff --git a/com.woltlab.wcf/templates/multifactorAuthentication.tpl b/com.woltlab.wcf/templates/multifactorAuthentication.tpl
index fbcefda83b395995e40bfc13ec3474b09bef9220..0de275874740450e7a4f6e55b48d93248cc072db 100644 (file)
--- a/com.woltlab.wcf/templates/multifactorAuthentication.tpl
+++ b/com.woltlab.wcf/templates/multifactorAuthentication.tpl
@@ -7,7 +7,7 @@
                                <ol class="boxMenu">
                                        {foreach from=$setups item='_setup'}
                                                <li{if $setup->getId() == $_setup->getId()} class="active"{/if}>
-                                                       <a class="boxMenuLink" href="{link controller='MultifactorAuthentication' object=$_setup}{/link}"><span class="boxMenuLinkTitle">{lang}wcf.user.security.multifactor.{$_setup->getObjectType()->objectType}{/lang}</span></a>
+                                                       <a class="boxMenuLink" href="{link controller='MultifactorAuthentication' object=$_setup url=$redirectUrl}{/link}"><span class="boxMenuLinkTitle">{lang}wcf.user.security.multifactor.{$_setup->getObjectType()->objectType}{/lang}</span></a>
                                                </li>
                                        {/foreach}
                                </ol>

diff --git a/wcfsetup/install/files/lib/acp/form/LoginForm.class.php b/wcfsetup/install/files/lib/acp/form/LoginForm.class.php
index 208535a6496fdaf73196110de281eca94c530e57..4d5b28566c1a8b40b3b54a39ea2dc97e7b594580 100755 (executable)
--- a/wcfsetup/install/files/lib/acp/form/LoginForm.class.php
+++ b/wcfsetup/install/files/lib/acp/form/LoginForm.class.php
@@ -213,7 +213,9 @@ class LoginForm extends AbstractCaptchaForm {
         */
        protected function performRedirect(bool $needsMultifactor = false) {
                if ($needsMultifactor) {
-                       $this->url = LinkHandler::getInstance()->getControllerLink(MultifactorAuthenticationForm::class);
+                       $this->url = LinkHandler::getInstance()->getControllerLink(MultifactorAuthenticationForm::class, [
+                               'url' => $this->url,
+                       ]);
                }
                
                if (!empty($this->url)) {

diff --git a/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php b/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php
index d9483ffb72e6173e1cb28eca325aacec83176c0c..c8041e8e5d81469cfbe47074ae5dbb106d1d3796 100644 (file)
--- a/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php
+++ b/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php
@@ -3,12 +3,14 @@ namespace wcf\form;
 use wcf\data\object\type\ObjectType;
 use wcf\data\user\User;
 use wcf\form\AbstractFormBuilderForm;
+use wcf\system\application\ApplicationHandler;
 use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
 use wcf\system\request\LinkHandler;
 use wcf\system\user\multifactor\IMultifactorMethod;
 use wcf\system\user\multifactor\Setup;
 use wcf\system\WCF;
+use wcf\util\HeaderUtil;
 
 /**
  * Represents the multi-factor authentication form.
@@ -52,6 +54,11 @@ class MultifactorAuthenticationForm extends AbstractFormBuilderForm {
         */
        private $setup;
        
+       /**
+        * @var string
+        */
+       public $redirectUrl;
+       
        /**
         * @inheritDoc
         */
@@ -87,6 +94,10 @@ class MultifactorAuthenticationForm extends AbstractFormBuilderForm {
                \assert($this->method->getDefinition()->definitionName === 'com.woltlab.wcf.multifactor');
                
                $this->processor = $this->method->getProcessor();
+               
+               if (!empty($_GET['url']) && ApplicationHandler::getInstance()->isInternalURL($_GET['url'])) {
+                       $this->redirectUrl = $_GET['url'];
+               }
        }
        
        /**
@@ -120,11 +131,13 @@ class MultifactorAuthenticationForm extends AbstractFormBuilderForm {
        public function saved() {
                AbstractForm::saved();
                
-               $this->form->cleanup();
-               $this->buildForm();
-               
-               // TODO: Proper success message and hiding of the form.
-               $this->form->showSuccessMessage(true);
+               if ($this->redirectUrl) {
+                       HeaderUtil::redirect($this->redirectUrl);
+               }
+               else {
+                       HeaderUtil::redirect(LinkHandler::getInstance()->getLink());
+               }
+               exit;
        }
        
        /**
@@ -133,6 +146,7 @@ class MultifactorAuthenticationForm extends AbstractFormBuilderForm {
        protected function setFormAction() {
                $this->form->action(LinkHandler::getInstance()->getControllerLink(static::class, [
                        'object' => $this->setup,
+                       'url' => $this->redirectUrl,
                ]));
        }
        
@@ -146,6 +160,7 @@ class MultifactorAuthenticationForm extends AbstractFormBuilderForm {
                        'setups' => $this->setups,
                        'user' => $this->user,
                        'setup' => $this->setup,
+                       'redirectUrl' => $this->redirectUrl,
                ]);
        }
 }