Enhance authentication flow by adding return URL support

This commit updates the authentication process to include a return URL parameter, allowing users to be redirected back to their original page after logging in. Changes were made to the AuthController, Login component, and Routes component to handle the return URL appropriately. Additionally, improvements were made to the TeamScheduler and TeamSchedulerSolution classes for better team and student management. These enhancements improve user experience and navigation within the application.
2026-01-11 13:13:24 -05:00
parent 5a1b3fad2e
commit 6acbc4e852
11 changed files with 74 additions and 94 deletions
+20 -4
@@ -26,7 +26,8 @@ namespace WebApp.Authentication
public async Task<IActionResult> CookieLogin(
[FromForm] string email,
[FromForm] string password,
[FromForm] bool rememberMe = false)
[FromForm] bool rememberMe = false,
[FromForm] string? returnUrl = null)
{
try
{
@@ -42,7 +43,10 @@ namespace WebApp.Authentication
ipAddress, remaining);
var errorMsg = Uri.EscapeDataString($"Too many failed attempts. Try again in {remaining?.Minutes ?? 15} minutes.");
return Redirect($"/login?error={errorMsg}");
var redirectUrl = string.IsNullOrEmpty(returnUrl)
? $"/login?error={errorMsg}"
: $"/login?error={errorMsg}&returnUrl={Uri.EscapeDataString(returnUrl)}";
return Redirect(redirectUrl);
}
// Validate credentials
@@ -57,7 +61,10 @@ namespace WebApp.Authentication
"Failed login attempt for {Email} from {IpAddress}",
email, ipAddress);
return Redirect("/login?error=Invalid%20email%20or%20password.");
var redirectUrl = string.IsNullOrEmpty(returnUrl)
? "/login?error=Invalid%20email%20or%20password."
: $"/login?error=Invalid%20email%20or%20password.&returnUrl={Uri.EscapeDataString(returnUrl)}";
return Redirect(redirectUrl);
}
// Success - clear rate limit tracking
@@ -89,13 +96,22 @@ namespace WebApp.Authentication
"Successful login for {Email} ({Role}) from {IpAddress}",
result.Email, result.Role, ipAddress);
// Validate return URL is local to prevent open redirect attacks
if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
{
return Redirect(returnUrl);
}
return Redirect("/");
}
catch (Exception ex)
{
_logger.LogError(ex, "Error during login process");
TempData["LoginError"] = "An error occurred. Please try again.";
return Redirect("/login");
var redirectUrl = string.IsNullOrEmpty(returnUrl)
? "/login"
: $"/login?returnUrl={Uri.EscapeDataString(returnUrl)}";
return Redirect(redirectUrl);
}
}
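Review bot: The rate-limit, invalid-credentials and `catch` branches pass `returnUrl` back to `/login` without the `Url.IsLocalUrl` check that the success path applies, so a non-local value survives a failed attempt and reaches the login page, whose handling is not visible here. Normalising once at the top of `CookieLogin` would make every path agree: `if (!Url.IsLocalUrl(returnUrl)) returnUrl = null;`. The same three-line `redirectUrl` construction is repeated in each of those branches and would read better as one private helper that takes the optional error text. The method body continues between and outside the hunks shown, so I cannot confirm whether anything earlier already constrains the value.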