FIX: redirect to sso_destination_url after account activation

2025-02-17 06:32:45 +08:00 · 2018-05-11 19:57:04 +02:00 · 2018-05-11 19:57:04 +02:00 · 0402e97368
commit 0402e97368
parent b10c684459
3 changed files with 19 additions and 26 deletions
--- a/app/controllers/session_controller.rb
+++ b/app/controllers/session_controller.rb
@ -77,6 +77,7 @@ class SessionController < ApplicationController
        end
      else
        session[:sso_payload] = request.query_string
+        cookies[:sso_destination_url] = sso.to_url(sso.return_sso_url)
        redirect_to path('/login')
      end
    else
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -667,13 +667,10 @@ class UsersController < ApplicationController

    @custom_body_class = "static-account-created"
    @message = session['user_created_message'] || I18n.t('activation.missing_session')
-    @account_created = {
-      message: @message,
-      show_controls: false
-    }
+    @account_created = { message: @message, show_controls: false }

    if session_user_id = session[SessionController::ACTIVATE_USER_KEY]
-      if user = User.where(id: session_user_id.to_i).first
+      if user = User.find_by(id: session_user_id.to_i)
        @account_created[:username] = user.username
        @account_created[:email] = user.email
        @account_created[:show_controls] = !user.from_staged?
@ -696,8 +693,8 @@ class UsersController < ApplicationController

  def perform_account_activation
    raise Discourse::InvalidAccess.new if honeypot_or_challenge_fails?(params)
-    if @user = EmailToken.confirm(params[:token])

+    if @user = EmailToken.confirm(params[:token])
      # Log in the user unless they need to be approved
      if Guardian.new(@user).can_access_forum?
        @user.enqueue_welcome_message('welcome_user') if @user.send_welcome_message
@ -708,6 +705,9 @@ class UsersController < ApplicationController
        elsif destination_url = cookies[:destination_url]
          cookies[:destination_url] = nil
          return redirect_to(destination_url)
+        elsif sso_destination_url = cookies[:sso_destination_url]
+          cookies[:sso_destination_url] = nil
+          return redirect_to(sso_destination_url)
        end
      else
        @needs_approval = true
--- a/app/views/users/activate_account.html.erb
+++ b/app/views/users/activate_account.html.erb
@ -17,26 +17,18 @@

 <script language="javascript">
  (function() {
-    function activateAccount() {
-      $('#activate-account-button').prop('disabled', true);
-      $.ajax("<%= path "/u/hp" %>").then(function(hp) {
-        $('#password_confirmation').val(hp.value);
-        $('#challenge').val(hp.challenge.split("").reverse().join(""));
-        $('#activate-account-form').submit();
-      }).fail(function() {
-        $('#activate-account-button').prop('disabled', false);
+    setTimeout(function() {
+      var $activateButton = $('#activate-account-button');
+      $activateButton.on('click', function() {
+        $activateButton.prop('disabled', true);
+        $.ajax("<%= path "/u/hp" %>").then(function(hp) {
+          $('#password_confirmation').val(hp.value);
+          $('#challenge').val(hp.challenge.split("").reverse().join(""));
+          $('#activate-account-form').submit();
+        }).fail(function() {
+          $activateButton.prop('disabled', false);
+        });
      });
-    }
-
-    var t0 = new Date().getTime();
-    $('#activate-account-button').on('click', function() {
-      var diff = new Date().getTime() - t0;
-
-      // Ensure the form has been visible for a few ms before allowing the
-      // user to submit.
-      if (diff > 50) {
-        activateAccount();
-      }
-    });
+    }, 50);
  })();
 </script>