login page redirect url passed as RelayState instead of "login_next_url"

Question

login page redirect url passed as RelayState instead of "login_next_url"

gnuman opened this issue 2 years ago · 3 comments

Thank you so much for maintaining this project.
I'm not sure about if its the similar issue (#145)

I am using MS-AAD, for admin urls such as https://dns/admin/django_celery_beat/periodictask/, I enforce login first.
After login, next url is always assigned to default url as code over here.

next_url = request.session.get("login_next_url") or get_default_next_url()

After login, its POST request to acs where new session gets created so request.session.get("login_next_url") is always None.
However I observed that in such cases next_url is passed as relay_state.

So to keep existing behaviour and fix the problem, assigning next_url to relay_state if it's None

Please find PR, #164

Answer 1 · 2023-04-15T14:13:10.000Z

Hey @gnuman,

Thanks for your contribution! Let's continue the discussion on the PR.

Answer 2 · 2023-06-02T02:05:01.000Z

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

Answer 3 · 2023-06-07T02:08:11.000Z

This issue was closed because it has been stalled for 5 days with no activity.