Redirect to intended URL after login

Hi all, another challenge - if a user clicks a link to a secure part of my app and they’re not logged in, I redirect them to /login. However, upon login how do I then route them to their intended destination (including all URL params)?

Thanks in advance.

In the dynamic events of the form, select Server Connect => Success

with the browser component use something like Browser1.goto(’‘mypage.php’)

parameters can be added to the web page specified for the goto using an expression i.e.

‘mypage.php?id=’+{{userid}}+‘action=’+{{moredata}}

The problem with this is that you’re assuming that mypage.php is the page/link the user followed.
For exampke: a user click on a link such as /profile/edit but isn’t logged in. They would then be redirected to /login and on successful login be redirected to their intended destination, ie. /profile/edit.

I hope that clarifies my intentions.

Think so, you need them to be redirected to the page they previously requested which could be one of many different pages?

Many ways of doing this I am sure

One idea that comes to mind is drop a cookie or set a session variable (more secure) in the restricted pages to save the current URL then read it back and use it in the browser redirect . Bit of a pain but should work although I admit I have never tried. Doubtless others involving storing the referrer using PHP

Having said that, it does bring the idea of exposing the “forbiddenUrl” action as a dynamic event so actions could be set on authorisation failure to mind

Correct, this is quite a common feature of apps behind a login/pay-wall. Eg. A product inventory tracking app - a client might send you a link to a product and you’re not logged in…instant bad usability from the perspective of the end-user (you in this instance) ie. login, “oh, I’m on the index page. Okay, I’ll go back to my email and click on the link again…” Very annoying.

I admit I don’t have much experience with Wappler or utilising session variabled within it. This is something I’ll definitely have to research more. I see how to set a variable within a server action, I’m just not entirely sure how to consume it etc. Also not sure how I’d set a session var to the intended URL tbh. I’ve lots to learn for sure.
Thanks for your 2 cents :slight_smile:

Server sessions remain a weak point in wappler in my opinion, accessing server sessions is a pain.

Couple of techniques to look at

I have on occasions written a server action which does nothing more than return a server session variable as a app connect variable;

Something like

Action name: getMy Session

where the session is defined in globals

$_session.myvariable

the a set value stage in the server action with output set to output the content

image

Obviously this has a small processing overhead but it is tiny bu this can lead to timing issues

Alternatively use scripting (in this case PHP) to assign the session value to an app connect variable

image

resulting code would be:

<dmx-value id="varMyvalue" dmx-bind:value="<?php echo $_SESSION['myvariable'];?>"></dmx-value>
3 Likes

As you explained in your post, you can just use PHP to access server sessions.
Guys, Wappler does not forbid usage of PHP when it’s needed :slight_smile: There will always be cases when something not really available in the UI, so it’s not a bad practice to add you PHP code on the page.

I agree @Teodor, you can’t do everything but would be nice to have a component in App Connect which returned the value of a server session variable, seems such an obvious omission to an otherwise comprehensive offering.

1 Like

Sure, we will see what can be done :slight_smile:

1 Like

I am beginning to realize that this will be extremely valuable on my website as well.

This would be my first venture into the world of sessions, and I’ve read all the topics here on Wappler that I could find, but I seem to be missing some steps because I have not been able to make it work.

I tried adding the browser component to the page and then using the value of referral in the session, but I did not see any session set on the page when I loaded it.

From looking outside of the Wappler community, it looks like I need to use $_SERVER[‘REQUEST_URI’]; as the value of the current URL that the user is on. I tried setting that as the value in various ways and did not see any session set on the page when I loaded it.

For my situation, I have a header that I include on my pages using the SSI include. I think it would be best to set the session within the header so that it auto-updates without me adding the session manager on every page I create. However, I am not sure if that is the best option or not. From reading, it looks like I would need to set and remove the session on each page load so that the appropriate URL is set as the value and if the user is redirected to the login, the correct URL would be saved and used.

How to redirect the user after login…

  1. Open your login page and add the Browser component for your App

  1. Select ‘App’ from the ‘App Structure’ panel on the right and then select ‘Define Query Params’

  1. On the popup window, right-click on query and select ‘Add Variable’. Call this- return.

  1. Select your login form in the App Structure panel and add a new Dynamic Event. Under Server Connect, click Success. Then, once this is added, click the dynamic data picker.

  1. Under Browser, click ‘> Go To’, then click the ‘+’ button which should add ‘browser1.goto’ to the right hand list. Click this and some Properties will show in the window below.

  1. Under the Go To Properties, click the dynamic data picker (lightning bolt) and a window will popup. Under the Data Bindings, you should see the ‘return’ query at the top. Select this and press the Select button.

  1. After pressing Select, your Dynamic Event on Success should show the action: browser1.goto(query.return)

If you now redirect the user to the login page and add ‘?return=mypage’ at the end of the URL, after login they should be redirected to the page you want. Example:- mywebsite.com/login?return=edit-profile

6 Likes

Perfect! Thanks! That is just what I needed.

I took what you provided and added it into the Security Provider Enforcer as shown below

redirect%20success

I tested it and it worked perfectly ! Thank you so much @max_gb :slight_smile:

I should mention that I use routing on my pages which is why I used web-users instead of web_users.php

1 Like

No problem. This method is also useful for when we send out specific emails to clients. For example, when a credit card has expired I want the user to go to the credit card page but first check they’re logged in. I send them to mywebsite.com/login?return=update-payment and then they end up in the right place.

1 Like

Although I can not seem to find the topic now using the search, I do remember seeing someone ask about adding in the data picker into the Security Provider Enforcer. I just noticed that I would probably vote for that feature to be added as well because some of my pages use parameters with routing and it would be easier to use the data picker than try to remember how to add it in manually.

I think it was @George that responded to that request, but I could be wrong. :slight_smile:

1 Like