Commit 1a362a24 authored by Ciarán Ainsworth's avatar Ciarán Ainsworth Committed by Georg Krause
Browse files

Prevent open redirect on login

parent f78e3c64
......@@ -1025,6 +1025,7 @@ export default new Router({
},
{
path: '*',
name: '404',
component: () =>
import(/* webpackChunkName: "core" */ '@/components/PageNotFound')
}
......
......@@ -3,30 +3,40 @@
<section class="ui vertical stripe segment">
<div class="ui small text container">
<h2><translate translate-context="Content/Login/Title/Verb">Log in to your Funkwhale account</translate></h2>
<login-form :next="next"></login-form>
<login-form :next="redirectTo"></login-form>
</div>
</section>
</main>
</template>
<script>
import LoginForm from "@/components/auth/LoginForm"
import LoginForm from '@/components/auth/LoginForm'
export default {
props: {
next: { type: String, default: "/library" }
next: { type: String, default: '/library' }
},
data () {
return {
redirectTo: this.next
}
},
components: {
LoginForm
},
created () {
const resolved = this.$router.resolve(this.redirectTo)
console.log(resolved.route.name)
if (resolved.route.name === '404') {
this.redirectTo = '/library'
}
if (this.$store.state.auth.authenticated) {
this.$router.push(this.next)
this.$router.push(this.redirectTo)
}
},
computed: {
labels() {
let title = this.$pgettext('Head/Login/Title', "Log In")
labels () {
const title = this.$pgettext('Head/Login/Title', 'Log In')
return {
title
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment