From 0e2ea65918358eb9cd6fe78c9f8650ab9a6e579f Mon Sep 17 00:00:00 2001
From: itelo <itelofilho@gmail.com>
Date: Wed, 19 Oct 2016 22:12:47 -0200
Subject: [PATCH] fix(users): fix redirect when signup or add provider (#1573)

Fixes the issue of the redirect after Social login authentication, on signup or user profile add provider.
---
 ...anage-social-accounts.client.controller.js | 13 +++++++++--
 .../manage-social-accounts.client.view.html   | 12 +++++-----
 .../users.authentication.server.controller.js | 22 ++++++++++---------
 3 files changed, 29 insertions(+), 18 deletions(-)

diff --git a/modules/users/client/controllers/settings/manage-social-accounts.client.controller.js b/modules/users/client/controllers/settings/manage-social-accounts.client.controller.js
index 1551fce1..0e1c954e 100644
--- a/modules/users/client/controllers/settings/manage-social-accounts.client.controller.js
+++ b/modules/users/client/controllers/settings/manage-social-accounts.client.controller.js
@@ -5,15 +5,16 @@
     .module('users')
     .controller('SocialAccountsController', SocialAccountsController);
 
-  SocialAccountsController.$inject = ['$scope', 'UsersService', 'Authentication', 'Notification'];
+  SocialAccountsController.$inject = ['$state', '$window', 'UsersService', 'Authentication', 'Notification'];
 
-  function SocialAccountsController($scope, UsersService, Authentication, Notification) {
+  function SocialAccountsController($state, $window, UsersService, Authentication, Notification) {
     var vm = this;
 
     vm.user = Authentication.user;
     vm.hasConnectedAdditionalSocialAccounts = hasConnectedAdditionalSocialAccounts;
     vm.isConnectedSocialAccount = isConnectedSocialAccount;
     vm.removeUserSocialAccount = removeUserSocialAccount;
+    vm.callOauthProvider = callOauthProvider;
 
     // Check if there are additional accounts
     function hasConnectedAdditionalSocialAccounts() {
@@ -42,5 +43,13 @@
     function onRemoveSocialAccountError(response) {
       Notification.error({ message: response.message, title: '<i class="glyphicon glyphicon-remove"></i> Remove failed!' });
     }
+
+    // OAuth provider request
+    function callOauthProvider(url) {
+      url += '?redirect_to=' + encodeURIComponent($state.$current.url.prefix);
+
+      // Effectively call OAuth authentication route:
+      $window.location.href = url;
+    }
   }
 }());
diff --git a/modules/users/client/views/settings/manage-social-accounts.client.view.html b/modules/users/client/views/settings/manage-social-accounts.client.view.html
index 0fe8b324..1e52f715 100644
--- a/modules/users/client/views/settings/manage-social-accounts.client.view.html
+++ b/modules/users/client/views/settings/manage-social-accounts.client.view.html
@@ -18,7 +18,7 @@
   <h3 class="col-md-12 text-center" ng-show="!vm.hasConnectedAdditionalSocialAccounts()">Unconnected social accounts:</h3>
   <div class="col-md-12 text-center">
     <div class="social-account-container" ng-hide="vm.isConnectedSocialAccount('facebook')">
-      <a href="/api/auth/facebook" target="_self">
+      <a href="" ng-click="vm.callOauthProvider('/api/auth/facebook')">
         <img class="social-button" ng-src="/modules/users/client/img/buttons/facebook.png">
         <span class="btn btn-success btn-add-remove-account">
           <i class="glyphicon glyphicon-plus"></i>
@@ -26,7 +26,7 @@
       </a>
     </div>
     <div class="social-account-container" ng-hide="vm.isConnectedSocialAccount('twitter')">
-      <a href="/api/auth/twitter" target="_self">
+      <a href="" ng-click="vm.callOauthProvider('/api/auth/twitter')">
         <img class="social-button" ng-src="/modules/users/client/img/buttons/twitter.png">
         <span class="btn btn-success btn-add-remove-account">
           <i class="glyphicon glyphicon-plus"></i>
@@ -34,7 +34,7 @@
       </a>
     </div>
     <div class="social-account-container" ng-hide="vm.isConnectedSocialAccount('google')">
-      <a href="/api/auth/google" target="_self">
+      <a href="" ng-click="vm.callOauthProvider('/api/auth/google')">
         <img class="social-button" ng-src="/modules/users/client/img/buttons/google.png">
         <span class="btn btn-success btn-add-remove-account">
           <i class="glyphicon glyphicon-plus"></i>
@@ -42,7 +42,7 @@
       </a>
     </div>
     <div class="social-account-container" ng-hide="vm.isConnectedSocialAccount('linkedin')">
-      <a href="/api/auth/linkedin" target="_self">
+      <a href="" ng-click="vm.callOauthProvider('/api/auth/linkedin')">
         <img class="social-button" ng-src="/modules/users/client/img/buttons/linkedin.png">
         <span class="btn btn-success btn-add-remove-account">
           <i class="glyphicon glyphicon-plus"></i>
@@ -50,7 +50,7 @@
       </a>
     </div>
     <div class="social-account-container" ng-hide="vm.isConnectedSocialAccount('github')">
-      <a href="/api/auth/github" target="_self">
+      <a href="" ng-click="vm.callOauthProvider('/api/auth/github')">
         <img class="social-button" ng-src="/modules/users/client/img/buttons/github.png">
         <span class="btn btn-success btn-add-remove-account">
           <i class="glyphicon glyphicon-plus"></i>
@@ -58,7 +58,7 @@
       </a>
     </div>
     <div class="social-account-container" ng-hide="vm.isConnectedSocialAccount('paypal')">
-      <a href="/api/auth/paypal" target="_self">
+      <a href="" ng-click="vm.callOauthProvider('/api/auth/paypal')">
         <img class="social-button" ng-src="/modules/users/client/img/buttons/paypal.png">
         <span class="btn btn-success btn-add-remove-account">
           <i class="glyphicon glyphicon-plus"></i>
diff --git a/modules/users/server/controllers/users/users.authentication.server.controller.js b/modules/users/server/controllers/users/users.authentication.server.controller.js
index 7d96002b..75373b47 100644
--- a/modules/users/server/controllers/users/users.authentication.server.controller.js
+++ b/modules/users/server/controllers/users/users.authentication.server.controller.js
@@ -85,6 +85,9 @@ exports.signout = function (req, res) {
  */
 exports.oauthCall = function (strategy, scope) {
   return function (req, res, next) {
+    if (req.query && req.query.redirect_to)
+      req.session.redirect_to = req.query.redirect_to;
+
     // Authenticate
     passport.authenticate(strategy, scope)(req, res, next);
   };
@@ -119,6 +122,14 @@ exports.oauthCallback = function (strategy) {
  * Helper function to save or update a OAuth user profile
  */
 exports.saveOAuthUserProfile = function (req, providerUserProfile, done) {
+  // Setup info object
+  var info = {};
+
+  // Set redirection path on session.
+  // Do not redirect to a signin or signup page
+  if (noReturnUrls.indexOf(req.session.redirect_to) === -1)
+    info.redirect_to = req.session.redirect_to;
+
   if (!req.user) {
     // Define a search query fields
     var searchMainProviderIdentifierField = 'providerData.' + providerUserProfile.providerIdentifierField;
@@ -138,15 +149,6 @@ exports.saveOAuthUserProfile = function (req, providerUserProfile, done) {
       $or: [mainProviderSearchQuery, additionalProviderSearchQuery]
     };
 
-    // Setup info object
-    var info = {};
-
-    // Set redirection path on session.
-    // Do not redirect to a signin or signup page
-    if (noReturnUrls.indexOf(req.query.redirect_to) === -1) {
-      info.redirect_to = req.query.redirect_to;
-    }
-
     User.findOne(searchQuery, function (err, user) {
       if (err) {
         return done(err);
@@ -198,7 +200,7 @@ exports.saveOAuthUserProfile = function (req, providerUserProfile, done) {
 
       // And save the user
       user.save(function (err) {
-        return done(err, user, '/settings/accounts');
+        return done(err, user, info);
       });
     } else {
       return done(new Error('User is already connected using this provider'), user);