From feeec6aec6e64aab9a770ec8282bb466ab50d581 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=A0est=C3=A1k=20V=C3=ADt?= <Vit.Sestak@ysoft.com>
Date: Fri, 12 Feb 2016 20:17:30 +0100
Subject: [PATCH] When user signs in/out, a proper redirect is performed.

---
 app/controllers/AuthController.scala          | 22 +++++++++++--------
 app/controllers/AuthenticatedController.scala |  4 +++-
 app/views/auth/signIn.scala.html              |  4 ++--
 app/views/main.scala.html                     |  4 ++--
 conf/routes                                   |  6 ++---
 5 files changed, 23 insertions(+), 17 deletions(-)

diff --git a/app/controllers/AuthController.scala b/app/controllers/AuthController.scala
index 6bc1526..d9e8c6a 100644
--- a/app/controllers/AuthController.scala
+++ b/app/controllers/AuthController.scala
@@ -30,16 +30,16 @@ class AuthController @Inject() (
     "rememberMe" -> boolean
   )(LoginRequest.apply)(LoginRequest.unapply))
 
-  def signIn = UserAwareAction { implicit request =>
+  def signIn(callback: String) = UserAwareAction { implicit request =>
     request.identity match {
-      case Some(user) => Redirect(routes.Application.index(Map()))
-      case None => Ok(views.html.auth.signIn(signInForm/*, socialProviderRegistry*/))
+      case Some(user) => generateCallback(callback)
+      case None => Ok(views.html.auth.signIn(signInForm, callback/*, socialProviderRegistry*/))
     }
   }
 
-  def authenticate() = UserAwareAction.async { implicit request  =>
+  def authenticate(callback: String) = UserAwareAction.async { implicit request  =>
     signInForm.bindFromRequest().fold(
-      formWithErrors => Future.successful(BadRequest(views.html.auth.signIn(formWithErrors/*, socialProviderRegistry*/))),
+      formWithErrors => Future.successful(BadRequest(views.html.auth.signIn(formWithErrors, callback/*, socialProviderRegistry*/))),
       loginRequest => {
         credentialsVerificationService.verifyCredentials(loginRequest.username, loginRequest.password).flatMap{
           case Right(email) =>
@@ -50,18 +50,22 @@ class AuthController @Inject() (
               authenticator <- env.authenticatorService.create(loginInfo)
               _ = env.eventBus.publish(LoginEvent(user, request, implicitly[Messages]))
               res <- env.authenticatorService.init(authenticator).flatMap(cookie =>
-                env.authenticatorService.embed(cookie.copy(secure = request.secure), Redirect(routes.Application.index(Map())))
+                env.authenticatorService.embed(cookie.copy(secure = request.secure), generateCallback(callback))
               )
             } yield res
           case Left(errorMessage) =>
-            Future.successful(Redirect(routes.AuthController.signIn()).flashing("error" -> Messages("invalid.credentials")))
+            Future.successful(Redirect(routes.AuthController.signIn(callback)).flashing("error" -> Messages("invalid.credentials")))
         }
       }
     )
   }
 
-  def signOut = SecuredAction.async { implicit request =>
-    val result = Redirect(routes.Application.index(Map()))
+  private def generateCallback(callback: String) = {
+    if (callback startsWith "/") Redirect(callback) else Redirect(routes.Application.index(Map()))
+  }
+
+  def signOut(callback: String) = SecuredAction.async { implicit request =>
+    val result = generateCallback(callback)
     env.eventBus.publish(LogoutEvent(request.identity, request, request2Messages))
     env.authenticatorService.discard(request.authenticator, result)
   }
diff --git a/app/controllers/AuthenticatedController.scala b/app/controllers/AuthenticatedController.scala
index 6aca545..b109406 100644
--- a/app/controllers/AuthenticatedController.scala
+++ b/app/controllers/AuthenticatedController.scala
@@ -20,7 +20,9 @@ trait AuthenticatedControllerLowPriorityImplicits[T, C]{
 abstract class AuthenticatedController extends Silhouette[User, CookieAuthenticator] with AuthenticatedControllerLowPriorityImplicits[User, CookieAuthenticator]{
 
 
-  override protected def onNotAuthenticated(request: RequestHeader): Option[Future[Result]] = Some(Future.successful(Redirect(routes.AuthController.signIn())))
+  override protected def onNotAuthenticated(request: RequestHeader): Option[Future[Result]] = Some(Future.successful(Redirect(
+    routes.AuthController.signIn(request.path+"?"+request.rawQueryString)
+  )))
 
   object ReadAction extends SecuredActionBuilder with Results {
 
diff --git a/app/views/auth/signIn.scala.html b/app/views/auth/signIn.scala.html
index 05812b0..ef29208 100644
--- a/app/views/auth/signIn.scala.html
+++ b/app/views/auth/signIn.scala.html
@@ -1,8 +1,8 @@
 @import helper._
-@(loginForm: Form[LoginRequest]/*, socialProviderRegistry: SocialProviderRegistry*/)(implicit requestHeader: DefaultRequest, messages: Messages)
+@(loginForm: Form[LoginRequest], callback: String/*, socialProviderRegistry: SocialProviderRegistry*/)(implicit requestHeader: DefaultRequest, messages: Messages)
 
 @main("Log in"){
-    @form(routes.AuthController.authenticate()){
+    @form(routes.AuthController.authenticate(callback)){
         @CSRF.formField
         @inputText(loginForm("username"))
         @inputPassword(loginForm("password"))
diff --git a/app/views/main.scala.html b/app/views/main.scala.html
index febdd19..21de421 100644
--- a/app/views/main.scala.html
+++ b/app/views/main.scala.html
@@ -74,9 +74,9 @@
             </ul>
             <ul class="nav navbar-nav navbar-right">
                 <li>@header.identity.fold{
-                    <a class="btn btn-default" href="@routes.AuthController.signIn()">Log in</a>
+                    <a class="btn btn-default" href="@routes.AuthController.signIn(header.path+"?"+header.rawQueryString)">Log in</a>
                 }{ user =>
-                    @form(routes.AuthController.signOut()){
+                    @form(routes.AuthController.signOut(header.path+"?"+header.rawQueryString)){
                         @CSRF.formField
                         <button type="submit" class="btn btn-warning">Logout @user.username</button>
                     }
diff --git a/conf/routes b/conf/routes
index 27b4366..d77193d 100644
--- a/conf/routes
+++ b/conf/routes
@@ -41,9 +41,9 @@ POST        /tags/import                      controllers.Application.tagsImport
 
 GET         /routes.js                        controllers.Application.javascriptRoutes
 
-GET         /sign-in                          controllers.AuthController.signIn
-POST        /sign-in                          controllers.AuthController.authenticate
-POST        /sign-out                         controllers.AuthController.signOut
+GET         /sign-in                          controllers.AuthController.signIn(callback: String)
+POST        /sign-in                          controllers.AuthController.authenticate(callback: String)
+POST        /sign-out                         controllers.AuthController.signOut(callback: String)
 
 # Map static resources from the /public folder to the /assets URL path
 GET         /assets/*file                     controllers.Assets.versioned(path="/public", file: Asset)