Dynamic url in Security Restrict

sbecks · February 21, 2022, 11:31am

Hi,
I add a parameter to the redirect url in Security Restrict to specify a page to redirect to on login. So:

This works really well for static routes, I’m now trying to add a dynamic part to a URL:

which redirects to:

I’ve tried with an optional parameter in the path (this provides a picker for the id but it’s blank)

I then type in the GET variable I want to use (so $_GET.id) but it returns as text on redirect.

I’ve also tried just typing into the URL, which does the same.

Not sure if this is a bug, can’t be done, or I’m doing it wrong!

What I want is to redirect if not logged in to:

/login?redirect_url=/settings/communities/DYNAMICIDHERE

to enable redirect on login to:

/settings/communities/DYNAMICIDHERE

Any ideas of other ways to achieve this?

Hyperbytes · February 18, 2022, 5:36pm

There are several discussion about this on the forum, Basically it works best if you use routing, something like this.

sbecks · February 18, 2022, 6:00pm

Thanks Brian,

I have routing set up and it works fine using a link on the page.

The issue is specifically around populating the route dynamically from within Security Restrict which doesn’t seem to work as I’d expect.

Hyperbytes · February 18, 2022, 6:06pm

Could this be the cause of the problem? Just reported

NewMedia · February 19, 2022, 4:58am

To make this work with a dynamic variable I had to go directly into the code view of the API where I wanted the Security Restrict to pick up that Variable.

In my login page I did the code editor modification to this –
action=“dmxConnect/api/login.php”

Typed this in the appropriate place in the api login.php page –

“SecurityProviders/security2”,
{
“name”: “”,
“module”: “auth”,
“action”: “restrict”,
“options”: {
“provider”: “security2”,
“forbiddenUrl”: “http://localhost:8888/trainings/working_form.php?{{$_POST.username}}”,
“loginUrl”: “http://localhost:8888/trainings/working_form.php?{{$_POST.username}}”
}

I typed the same thing in forbidden and login urls so I’d get immediate results no matter what.

The page name was bogus – not a real file.
So it had no page to go to but the Inspect console showed my username numbers were a correctly picked up variable.

XHR GET http://localhost:8888/trainings/working_form.php?575216

George · February 20, 2022, 8:38pm

Teodor · February 21, 2022, 11:30am

Teodor · February 21, 2022, 11:30am

In Wappler 4.6.1 it’s now possible to use dynamic data in routes in security restrict.

Teodor · February 21, 2022, 11:30am

Teodor · February 26, 2022, 4:00pm

This topic was automatically closed after 5 days. New replies are no longer allowed.