When a user tries to access our website via a link (for instance going to www.website.com/privatepage) they are redirected to a login page. Once they login, we want to redirect them to that intended URL - how do you do this?
Also we have a use case where a user logs in from the homepage, or goes directly to the login page with no intended URL - in this case we'd like to redirect them to a default page.
Can anyone help me figure this out?
The most common ways to implement redirection logic after login are: using HTTP Referer header. saving the original request in the session. appending original URL to the redirected login URL.
You may use Redirect::intended function. It will redirect the user to the URL they were trying to access before being caught by the authenticaton filter. A fallback URI may be given to this method in case the intended destinaton is not available.
The simplest way to redirect to another URL is to use an HTML <meta> tag with the http-equiv parameter set to “refresh”. The content attribute sets the delay before the browser redirects the user to the new web page. To redirect immediately, set this parameter to “0” seconds for the content attribute.
in your login page:
if you go to www.example.com/private_page
using CodeIgniter (on private page)
// if user is not logged in...
$_SESSION['redirect'] = $this->uri->segment(1);
redirect('login');
on login page
// successfully logged in..
if (isset($_SESSION['redirect'])) {
redirect($_SESSION['redirect']);
} else {
// redirect to default page
}
It might be a good idea to have a whitelist of accepted urls when redirecting in this fashion - otherwise, an attacker could send someone a link like example.com/login?attacker.com/fake_examplecom and the user will be redirected to the attacker's site while thinking they have just logged in to your site. The original url pointed to your site, so it looks trustworthy. There's a lot of nasty things that can be done with this, as you can imagine.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With