docker/mailu
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Handle redirects properly when logging in, fixes #195

Browse Source
This commit is contained in:
kaiyou
2017-09-10 15:56:08 +02:00
parent 52da307fa5
commit 856d6176ca
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
admin/mailu/admin/views/base.py
View File

@@ -6,6 +6,7 @@ import flask_login
import smtplib import smtplib
from email.mime import text from email.mime import text
from urllib import parse
@app.route('/', methods=["GET"]) @app.route('/', methods=["GET"])
@@ -21,7 +22,11 @@ def login():
user = models.User.login(form.email.data, form.pw.data) user = models.User.login(form.email.data, form.pw.data)
if user: if user:
flask_login.login_user(user) flask_login.login_user(user)
return flask.redirect(flask.url_for('.index')) redirect = flask.request.args.get('next')
parsed_redirect = parse.urlparse(redirect)
if parsed_redirect.scheme or parsed_redirect.netloc:
return flask.abort(400)
return flask.redirect(redirect or flask.url_for('.index'))
else: else:
flask.flash('Wrong e-mail or password', 'error') flask.flash('Wrong e-mail or password', 'error')
return flask.render_template('login.html', form=form) return flask.render_template('login.html', form=form)