diff --git a/app/assets/javascripts/discourse/controllers/login.js.es6 b/app/assets/javascripts/discourse/controllers/login.js.es6 index 4f17c69274a..f405e6ee1b1 100644 --- a/app/assets/javascripts/discourse/controllers/login.js.es6 +++ b/app/assets/javascripts/discourse/controllers/login.js.es6 @@ -8,6 +8,7 @@ export default DiscourseController.extend(ModalFunctionality, { loggedIn: false, canLoginLocal: Discourse.computed.setting('enable_local_logins'), + loginRequired: Em.computed.alias('controllers.application.loginRequired'), resetForm: function() { this.set('authenticate', null); @@ -72,9 +73,16 @@ export default DiscourseController.extend(ModalFunctionality, { self.set('loggedIn', true); // Trigger the browser's password manager using the hidden static login form: var $hidden_login_form = $('#hidden-login-form'); + var destinationUrl = $.cookie('destination_url'); $hidden_login_form.find('input[name=username]').val(self.get('loginName')); $hidden_login_form.find('input[name=password]').val(self.get('loginPassword')); - $hidden_login_form.find('input[name=redirect]').val(window.location.href); + if (self.get('loginRequired') && destinationUrl) { + // redirect client to the original URL + $.cookie('destination_url', null); + $hidden_login_form.find('input[name=redirect]').val(destinationUrl); + } else { + $hidden_login_form.find('input[name=redirect]').val(window.location.href); + } $hidden_login_form.submit(); } diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index eb911760ecb..67b304a2df5 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -350,6 +350,8 @@ class ApplicationController < ActionController::Base def redirect_to_login_if_required return if current_user || (request.format.json? && api_key_valid?) + # save original URL in a cookie + cookies[:destination_url] = request.original_url unless request.original_url =~ /uploads/ redirect_to :login if SiteSetting.login_required? end