Keep hash when sign in. fix #1706

2026-05-07 20:07:30 +02:00 · 2017-09-14 04:47:21 +09:00
parent b13decf0e9
commit a311ee5ef5
2 changed files with 8 additions and 6 deletions
--- a/src/main/scala/gitbucket/core/controller/IndexController.scala
+++ b/src/main/scala/gitbucket/core/controller/IndexController.scala
@@ -19,11 +19,12 @@ trait IndexControllerBase extends ControllerBase {
  self: RepositoryService with ActivityService with AccountService with RepositorySearchService
    with UsersAuthenticator with ReferrerAuthenticator =>

-  case class SignInForm(userName: String, password: String)
+  case class SignInForm(userName: String, password: String, hash: String)

  val signinForm = mapping(
    "userName" -> trim(label("Username", text(required))),
-    "password" -> trim(label("Password", text(required)))
+    "password" -> trim(label("Password", text(required))),
+    "hash" -> text()
  )(SignInForm.apply)

 //  val searchForm = mapping(
@@ -54,7 +55,7 @@ trait IndexControllerBase extends ControllerBase {

  post("/signin", signinForm){ form =>
    authenticate(context.settings, form.userName, form.password) match {
-      case Some(account) => signin(account)
+      case Some(account) => signin(account, form.hash)
      case None          => {
        flash += "userName" -> form.userName
        flash += "password" -> form.password
@@ -86,7 +87,7 @@ trait IndexControllerBase extends ControllerBase {
  /**
   * Set account information into HttpSession and redirect.
   */
-  private def signin(account: Account) = {
+  private def signin(account: Account, hash: String) = {
    session.setAttribute(Keys.Session.LoginAccount, account)
    updateLastLoginDate(account.userName)

@@ -98,7 +99,7 @@ trait IndexControllerBase extends ControllerBase {
      if(redirectUrl.stripSuffix("/") == request.getContextPath){
        redirect("/")
      } else {
-        redirect(redirectUrl)
+        redirect(redirectUrl + hash)
      }
    }.getOrElse {
      redirect("/")
--- a/src/main/twirl/gitbucket/core/signinform.scala.html
+++ b/src/main/twirl/gitbucket/core/signinform.scala.html
@@ -16,7 +16,8 @@
          <span id="error-password" class="error"></span>
          <input type="password" name="password" id="password" class="form-control" value="@password"/>
        </div>
-        <input type="submit" class="btn btn-success" value="Sign in"/>
+        <input type="hidden" name="hash"/>
+        <input type="submit" class="btn btn-success" value="Sign in" onClick="this.form.hash.value = window.location.hash;"/>
        @if(systemSettings.allowAccountRegistration){
          or <a href="@context.path/register">Create new account</a>
        }