impl login.preLogin middleware

src/server/routes/index.js

@@ -47,14 +47,14 @@ module.exports = function(crowi, app) {
   }
 
   app.get('/login/error/:reason'     , login.error);
-  app.get('/login'                   , middlewares.applicationInstalled     , login.login);
+  app.get('/login'                   , middlewares.applicationInstalled     , login.preLogin, login.login);
   app.get('/login/invited'           , login.invited);
   app.post('/login/activateInvited'  , form.invited                         , csrf, login.invited);
   app.post('/login'                  , form.login                           , csrf, loginPassport.loginWithLocal, loginPassport.loginWithLdap, loginPassport.loginFailure);
   app.post('/_api/login/testLdap'    , loginRequiredStrictly , form.login , loginPassport.testLdapCredentials);
 
   app.post('/register'               , form.register                        , csrf, login.register);
-  app.get('/register'                , middlewares.applicationInstalled     , login.register);
+  app.get('/register'                , middlewares.applicationInstalled     , login.preLogin, login.register);
   app.get('/logout'                  , logout.logout);
 
   app.get('/admin'                          , loginRequiredStrictly , adminRequired , admin.index);

src/server/routes/login-passport.js

@@ -21,7 +21,10 @@ module.exports = function(crowi, app) {
       }
     });
 
-    return res.safeRedirect(req.session.redirectTo);
+    const { redirectTo } = req.session;
+    // remove session.redirectTo
+    delete req.session.redirectTo;
+    return res.safeRedirect(redirectTo);
   };
 
   /**

src/server/routes/login.js

@@ -30,7 +30,10 @@ module.exports = function(crowi, app) {
       return res.redirect('/me/password');
     }
 
-    return res.safeRedirect(req.session.redirectTo);
+    const { redirectTo } = req.session;
+    // remove session.redirectTo
+    delete req.session.redirectTo;
+    return res.safeRedirect(redirectTo);
   };
 
   actions.error = function(req, res) {
@@ -51,10 +54,27 @@ module.exports = function(crowi, app) {
     });
   };
 
+  actions.preLogin = function(req, res, next) {
+    // user has already logged in
+    if (req.user != null) {
+      const { redirectTo } = req.session;
+      // remove session.redirectTo
+      delete req.session.redirectTo;
+      return res.safeRedirect(redirectTo);
+    }
+
+    // set referer to 'redirectTo'
+    if (req.session.redirectTo == null && req.headers.referer != null) {
+      req.session.redirectTo = req.headers.referer;
+    }
+
+    next();
+  }
+
   actions.login = function(req, res) {
-      if (req.form) {
-        debug(req.form.errors);
-      }
+    if (req.form) {
+      debug(req.form.errors);
+    }
 
     return res.render('login', {});
   };

src/server/routes/logout.js

@@ -1,14 +1,11 @@
-const { URL } = require('url');
-
 module.exports = function(crowi, app) {
   return {
     logout(req, res) {
       req.session.destroy();
 
-      // parse referer url
-      const referer = new URL(req.headers.referer);
       // redirect
-      return res.safeRedirect(`${referer.pathname}${referer.search}${referer.hash}`);
+      const redirectTo = req.headers.referer || '/';
+      return res.safeRedirect(redirectTo);
     },
   };
 };