Clear redirect url of auth after login

Previously this was never cleared. Therefore even when you logged in next time, you were still redirected to the url you accessed at some point without being logged in.
digitallyinduced · Sep 6, 2020 · 05ee6b9 · 05ee6b9
1 parent ba82288
commit 05ee6b9
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/IHP/AuthSupport/Controller/Sessions.hs b/IHP/AuthSupport/Controller/Sessions.hs
@@ -90,7 +90,7 @@ createSessionAction = do
                     user <- user
                             |> set #failedLoginAttempts 0
                             |> updateRecord
-                    redirectUrl <- getSession "IHP.LoginSupport.redirectAfterLogin"
+                    redirectUrl <- getSessionAndClear "IHP.LoginSupport.redirectAfterLogin"
                     redirectToPath (fromMaybe (afterLoginRedirectPath @record) redirectUrl)
                 else do
                     setErrorMessage "Incorrect Password"