feat(authentication): preserve intended URL after re-login#254
Merged
Conversation
When a session expires while a user has a deep-linked page open (a territory, a publisher card, etc.), send them back to that URL after logging in instead of always landing on /. Only the pure not-authenticated branches carry the URL through — wall pages (suspended, trial expired, unverified email, tenant mismatch) stay bare so users are not looped back into a page they cannot access. Sanitization flows through the existing safeRedirectUrl helper to block open-redirect targets in both the URL query and the form field.
Add a WHY comment on the tenant-mismatch bare-redirect so a future contributor doesn't "fix the inconsistency" and leak a cross-tenant path back into the URL. Extend the safeRedirectUrl JSDoc to note the rejection warn log, and expand the auth flow diagram to cover session expiry, the re-auth destination, and the wall-page exceptions.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
safeRedirectUrlhelper to block open-redirect attempts, with rejected values logged for ops visibility.Test plan
pnpm test:unit— 1937 tests pass, including new coverage forresolvePostLoginRedirect(form/URL precedence, empty values, malformed URL, open-redirect rejection) andbuildLoginRedirectUrl.pnpm test:typecheckclean.pnpm test:lint— no warnings on touched files.login.spec.tsround-trip locally (Playwright): unauthenticated GET/publishers→/login?redirectTo=%2Fpublishers→ submit creds → back to/publishers.?redirectTo=https://evil.comfalls back to/and emits thesafeRedirectUrlwarn log./suspended,/trial-expired,/verify-email) still redirect bare without aredirectTotail.