Dynamic Redirection URLs After Login

Resolved

(@mpoole)

Hi Nicu

I have implemented your rather good plug-in on our application (I will be buying you a coffee!) – but one of the features that is missing is Dynamic Redirection URLs after Automatic Login. Whilst you can specify a single custom URL, it would be useful to specify a dynamic URL (for example as a parameter) depending on the user context.

To make this work for me, I have currently modified redirectAfterLogin() in SimpleJWTLoginService.php to respond to a ‘redir’ parameter, e.g.
https://mydomain.com?rest_route=/simple-jwt-login/v1/autologin&redir=%2Fportal%2Fportal-name

	private function redirectAfterLogin() {
		$requestParams = $this->request;

		if(isset( $requestParams['redir'] ))
		{
			// MP Added
			$url = $requestParams['redir'];
		} else {
			
			$redirect = $this->jwt_settings->getRedirect();
			switch ( $redirect ) {
				case SimpleJWTLoginSettings::REDIRECT_HOMEPAGE:
					$url = $this->wordPressData->getSiteUrl();
					break;
				case SimpleJWTLoginSettings::REDIRECT_CUSTOM:
					$url = $this->jwt_settings->getCustomRedirectURL();
					break;
				case SimpleJWTLoginSettings::REDIRECT_DASHBOARD:
				default:
					$url = $this->wordPressData->getAdminUrl();			
					break;
			}
		}
		
		if ( $this->jwt_settings->getShouldIncludeRequestParameters() ) {
			$dangerousKeys = [
				'redir',
				'rest_route',				
				'jwt',
				'JWT',
				'email',
				'password',
				$this->jwt_settings->getAuthCodeKey()
			];
			foreach ( $dangerousKeys as $key ) {
				if ( isset( $requestParams[ $key ] ) ) {
					unset( $requestParams[ $key ] );
				}
			}

			$url = $url . ( strpos( '?', $url ) !== false ? '&' : '?' ) . http_build_query( $requestParams );
		}

		if ( $this->jwt_settings->isHookEnable( SimpleJWTLoginHooks::LOGIN_REDIRECT_NAME ) ) {
			$this->wordPressData->triggerAction( SimpleJWTLoginHooks::LOGIN_REDIRECT_NAME, $url, $this->request );
		}

		$this->wordPressData->redirect( $url );
	}

Appreciate that their could be some low-level security implications with a redir param in the URL (albeit can be mitgated), it would be useful to have this as an option to enable on the dashboard. Related to this, it would also be good to have the option for the wp_users.user_url to be used as well as a redirection point.

If you implement this, it means I don’t have to do maintenance when you do updates 🙂

I do have an issue with registration meta_values not being added to the user, but I’ll raise that in a separate post.

Cheers

Matt

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author Nicu Micle
(@nicu_m)

5 years, 8 months ago
Hello @mpoole,

This is a good idea for a new feature. I will add it in the next release.

Meanwhile, there is an option in the plugin Include request parameters used for login link in the REDIRECT URL in the Login section. By enabling this,you can add a parameter like &page=your_page. If you check this, you can use the simple_jwt_login_redirect_hook.

The script could look like this:
```
   add_action('simple_jwt_login_redirect_hook', function($url, $request){
       $page = isset($_REQUEST['page'])
           ? $_REQUEST['page']
           : null;
       if($page === null){
            wp_redirect($url);
             return;
       } 
       switch($page){
          case "page1":
              wp_redirect('https://site1.com');
              break;
           case "page2": 
              wp_redirect('https://site2.com');
              break;   
       }
},10,2);
```
I will come back with updates once this new feature is released.

Best regards,
Nicu.
Plugin Author Nicu Micle
(@nicu_m)

5 years, 7 months ago

Hello @mpoole,

I’ve implemented this feature in version v2.4.0. You can activate this feature from “Login settings”. The URL parameter that you should use is redirectUrl.

Also, I’ve introduced the concept of variables. Now there are some variables that you can use in the redirect URLs.

PS: Don’t forget to rate this plugin.

Best regards,
Nicu.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Dynamic Redirection URLs After Login’ is closed to new replies.

Tags