From 18d7162481174cc475a4afce856df668f8c7fd57 Mon Sep 17 00:00:00 2001
From: Penar Musaraj <pmusaraj@gmail.com>
Date: Tue, 31 Oct 2023 11:35:36 -0400
Subject: [PATCH] FIX: Maintain destination_url after passkey login (#24171)

---
 .../discourse/app/components/modal/login.js            |  8 +++++++-
 .../system/user_page/user_preferences_security_spec.rb | 10 ++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/app/assets/javascripts/discourse/app/components/modal/login.js b/app/assets/javascripts/discourse/app/components/modal/login.js
index 437c828442e..fc464962896 100644
--- a/app/assets/javascripts/discourse/app/components/modal/login.js
+++ b/app/assets/javascripts/discourse/app/components/modal/login.js
@@ -149,7 +149,13 @@ export default class Login extends Component {
         });
 
         if (authResult && !authResult.error) {
-          window.location.reload();
+          const destinationUrl = cookie("destination_url");
+          if (destinationUrl) {
+            removeCookie("destination_url");
+            window.location.assign(destinationUrl);
+          } else {
+            window.location.reload();
+          }
         } else {
           this.dialog.alert(authResult.error);
         }
diff --git a/spec/system/user_page/user_preferences_security_spec.rb b/spec/system/user_page/user_preferences_security_spec.rb
index 2177ccd8664..b359f068912 100644
--- a/spec/system/user_page/user_preferences_security_spec.rb
+++ b/spec/system/user_page/user_preferences_security_spec.rb
@@ -60,6 +60,13 @@ describe "User preferences for Security", type: :system do
         )
       authenticator = page.driver.browser.add_virtual_authenticator(options)
 
+      page.driver.browser.manage.add_cookie(
+        domain: Discourse.current_hostname,
+        name: "destination_url",
+        value: "/new",
+        path: "/",
+      )
+
       user_preferences_security_page.visit(user)
 
       find(".pref-passkeys__add .btn").click
@@ -94,6 +101,9 @@ describe "User preferences for Security", type: :system do
 
       expect(page).to have_css(".header-dropdown-toggle.current-user")
 
+      # ensures that we are redirected to the destination_url cookie
+      expect(page.driver.current_url).to include("/new")
+
       # clear authenticator (otherwise it will interfere with other tests)
       authenticator.remove!
     end