fix: forward to original page after login from all permission gates

redimp · redimp · commit 01327dd5721f · 2026-05-10T10:49:03.000+02:00
diff --git a/otterwiki/pageindex.py b/otterwiki/pageindex.py
@@ -9,6 +9,7 @@
     abort,
     redirect,
     render_template,
+    request,
     url_for,
 )
 
@@ -219,7 +220,7 @@ def meta_description(self) -> str:
     def render(self):
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
         menutree = SidebarPageIndex(self.path)
 
diff --git a/otterwiki/wiki.py b/otterwiki/wiki.py
@@ -109,7 +109,7 @@ def get(self, _external=False):
     def render(self):
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
         log = self.get()
         pages = []
@@ -234,7 +234,7 @@ def revert(self, revision, message, author):
     def show_commit(self, revision):
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
         try:
             metadata, diff = storage.show_commit(revision)
@@ -460,7 +460,7 @@ def source(self, raw=False):
         # handle permissions
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
         # handle case that the page doesn't exists
         if self.storage_error is not None:
@@ -841,7 +841,7 @@ def create(self):
     def blame(self):
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
         # handle case that the page doesn't exists
         if self.storage_error is not None:
@@ -907,7 +907,7 @@ def blame(self):
     def diff(self, rev_a=None, rev_b=None):
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
         # handle case that the page doesn't exists
         self.exists_or_404()
@@ -938,7 +938,7 @@ def diff(self, rev_a=None, rev_b=None):
     def history(self, rev_a: str | None = None, rev_b: str | None = None):
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
 
         self.exists_or_404(in_git=True)
@@ -1145,7 +1145,7 @@ def _attachments_list(self):
     def render_attachments(self):
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
         # handle case that the page doesn't exists
         self.exists_or_404()
@@ -1230,7 +1230,7 @@ def edit_attachment(
     ):
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
         a = Attachment(self.pagepath, filename)
         if not a.exists():
@@ -1457,7 +1457,7 @@ def delete(self, message, author):
     def edit(self):
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
         if not self.exists():
             return abort(404)
@@ -1482,7 +1482,7 @@ def edit(self):
     def get(self):
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
         if self.revision is None:
             if not storage.exists(self.filepath):
@@ -1786,7 +1786,7 @@ def search(self):
     def render(self):
         if not has_permission("READ"):
             if not current_user.is_authenticated:
-                return redirect(url_for("login"))
+                return redirect(url_for("login", next=request.full_path))
             abort(403)
         self.compile()
         result = self.search()
