fix: register returnTo logic to match login route

Login route saves the previous page by checking for the X-Return-To header. This header is automatically set by ajaxify. Login takes this value and saves it to `req.session`. Up until now, `/register` saved the previous URL in a hidden input, and redirected based on that value, but it occasionally conflicted with req.session.returnTo. It was also confusing because it did not match how login handled the values. This commit updates the route handling so it works identically to `/login`.
NodeBB · Feb 5, 2021 · 67e3fb6 · 67e3fb6
1 parent 9576bec
commit 67e3fb6
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 11 deletions.
diff --git a/public/src/client/register.js b/public/src/client/register.js
@@ -17,7 +17,6 @@ define('forum/register', [
 
 		handleLanguageOverride();
 
-		$('#referrer').val(app.previousUrl);
 		$('#content #noscript').val('false');
 
 		email.on('blur', function () {
@@ -89,10 +88,10 @@ define('forum/register', [
 						if (!data) {
 							return;
 						}
-						if (data.referrer) {
-							var pathname = utils.urlToLocation(data.referrer).pathname;
+						if (data.next) {
+							var pathname = utils.urlToLocation(data.next).pathname;
 
-							var params = utils.params({ url: data.referrer });
+							var params = utils.params({ url: data.next });
 							params.registered = true;
 							var qs = decodeURIComponent($.param(params));
 

diff --git a/src/controllers/authentication.js b/src/controllers/authentication.js
@@ -34,14 +34,11 @@ async function registerAndLoginUser(req, res, userData) {
 		userData.register = true;
 		req.session.registration = userData;
 
-		if (req.body.referrer) {
-			req.session.returnTo = req.body.referrer;
-		}
 		if (req.body.noscript === 'true') {
 			res.redirect(nconf.get('relative_path') + '/register/complete');
 			return;
 		}
-		res.json({ referrer: nconf.get('relative_path') + '/register/complete' });
+		res.json({ next: nconf.get('relative_path') + '/register/complete' });
 		return;
 	}
 	const queue = await user.shouldQueueUser(req.ip);
@@ -60,9 +57,9 @@ async function registerAndLoginUser(req, res, userData) {
 		await user.joinGroupsFromInvitation(uid, userData.email);
 	}
 	await user.deleteInvitationKey(userData.email);
-	const referrer = req.body.referrer || req.session.returnTo || nconf.get('relative_path') + '/';
-	const complete = await plugins.hooks.fire('filter:register.complete', { uid: uid, referrer: referrer });
-	req.session.returnTo = complete.referrer;
+	const next = req.session.returnTo || nconf.get('relative_path') + '/';
+	const complete = await plugins.hooks.fire('filter:register.complete', { uid: uid, next: next });
+	req.session.returnTo = complete.next;
 	return complete;
 }
 

diff --git a/src/controllers/index.js b/src/controllers/index.js
@@ -144,6 +144,7 @@ Controllers.register = async function (req, res, next) {
 	}
 
 	let errorText;
+	const returnTo = (req.headers['x-return-to'] || '').replace(nconf.get('base_url') + nconf.get('relative_path'), '');
 	if (req.query.error === 'csrf-invalid') {
 		errorText = '[[error:csrf-invalid]]';
 	}
@@ -158,6 +159,10 @@ Controllers.register = async function (req, res, next) {
 			}
 		}
 
+		if (returnTo) {
+			req.session.returnTo = returnTo;
+		}
+
 		const loginStrategies = require('../routes/authentication').getLoginStrategies();
 		res.render('register', {
 			'register_window:spansize': loginStrategies.length ? 'col-md-6' : 'col-md-12',