diff --git a/packages/dashboard/package.json b/packages/dashboard/package.json
index fbe0939f..4e3a2edd 100644
--- a/packages/dashboard/package.json
+++ b/packages/dashboard/package.json
@@ -13,6 +13,7 @@
 "@tailwindcss/forms": "^0.2.1",
 "autoprefixer": "^10.2.4",
 "classnames": "^2.2.6",
+ "cookie": "^0.4.1",
 "dayjs": "^1.10.4",
 "express-jwt": "^6.0.0",
 "formik": "^2.2.6",
diff --git a/packages/dashboard/src/pages/api/redirect.js b/packages/dashboard/src/pages/api/redirect.js
new file mode 100644
index 00000000..69da40a5
--- /dev/null
+++ b/packages/dashboard/src/pages/api/redirect.js
@@ -0,0 +1,6 @@
+import { serialize } from "cookie";
+
+export default (req, res) => {
+ res.setHeader("Set-Cookie", serialize("foo", Math.random(), {}));
+ res.redirect(302, req.query.return_to);
+};
diff --git a/packages/dashboard/src/pages/auth/login.js b/packages/dashboard/src/pages/auth/login.js
index da4cb704..1c24534a 100644
--- a/packages/dashboard/src/pages/auth/login.js
+++ b/packages/dashboard/src/pages/auth/login.js
@@ -8,6 +8,7 @@ const kratos = new PublicApi(new Configuration({ basePath: config.kratos.public
 export async function getServerSideProps(context) {
 const flow = context.query.flow;
+ const redirect = encodeURIComponent(`/api/redirect?return_to=${context.query.return_to ?? "/"}`);
 if (process.env.NODE_ENV === "development") {
 return { props: { flow: require("../../../stubs/login.json") } };
@@ -21,7 +22,7 @@ export async function getServerSideProps(context) {
 return {
 redirect: {
 permanent: false,
- destination: `${config.kratos.browser}/self-service/login/browser?return_to=${context.query.return_to}`,
+ destination: `${config.kratos.browser}/self-service/login/browser?return_to=${redirect}`,
 },
 };
 }
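Review bot: `res.redirect(302, req.query.return_to)` in `packages/dashboard/src/pages/api/redirect.js` forwards the browser to whatever the query string supplies, so the new endpoint is an open redirect sitting directly behind the login flow. Resolve the value against a fixed base, keep it only when the origin is unchanged and the normalised path does not begin with `//`, and fall back to `/` otherwise; a plain prefix check on the raw string is easy to get wrong because URL parsers normalise slashes and strip some whitespace. A missing or repeated `return_to` (which arrives as an array) also falls back to `/` in the fence below. Separately, the `foo` cookie set from `Math.random()` with empty options looks like scaffolding; if it is meant to stay, it should get explicit `httpOnly`, `secure`, `sameSite` and `path` options.

```javascript
// constructed placeholder origin, used only to resolve relative paths
const BASE = "http://localhost.invalid";

export default (req, res) => {
  // … unchanged: Set-Cookie header …
  const raw = req.query.return_to;
  let target = "/";
  if (typeof raw === "string") {
    try {
      const url = new URL(raw, BASE);
      // same origin after parsing, and no protocol-relative path left over
      if (url.origin === BASE && !url.pathname.startsWith("//")) {
        target = `${url.pathname}${url.search}${url.hash}`;
      }
    } catch {
      // unparsable value: keep the "/" fallback
    }
  }
  res.redirect(302, target);
};
```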
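Review bot: In the `@@ -8,6 +8,7 @@` hunk of `login.js`, `context.query.return_to` is interpolated into the inner `/api/redirect?return_to=…` URL without its own encoding, so once Kratos decodes the outer layer any `&`, `#` or `+` in the value is read as part of the `/api/redirect` query rather than as the destination. Encode the inner value before building the string, i.e. use `encodeURIComponent(context.query.return_to ?? "/")` inside the template and keep the outer `encodeURIComponent` around the whole path. A repeated `return_to` parameter arrives as an array and would be joined with commas here, so it is worth normalising to a single string first. The two `destination` lines in the `@@ -21,7 +22,7 @@` and `@@ -36,7 +37,7 @@` hunks inherit whatever this produces; whether Kratos accepts a relative `return_to` depends on its allowed-return-URL configuration, which is not visible in this diff. `getServerSideProps` continues outside these hunks.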
@@ -36,7 +37,7 @@ export async function getServerSideProps(context) {
 return {
 redirect: {
 permanent: false,
- destination: `${config.kratos.browser}/self-service/login/browser?return_to=${context.query.return_to}`,
+ destination: `${config.kratos.browser}/self-service/login/browser?return_to=${redirect}`,
 },
 };
 }