From fe890979afe04e43d90486aaaeda4abd587d62b9 Mon Sep 17 00:00:00 2001
From: NGPixel <github@ngpixel.com>
Date: Sat, 3 Oct 2020 17:11:34 -0400
Subject: [PATCH] fix: bypass auth redirect cookie when set to homepage

---
 client/components/login.vue |  5 ++++-
 server/models/users.js      | 10 ++++++++--
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/client/components/login.vue b/client/components/login.vue
index 23b0d5b2..f74a4744 100644
--- a/client/components/login.vue
+++ b/client/components/login.vue
@@ -644,7 +644,10 @@ export default {
         Cookies.set('jwt', respObj.jwt, { expires: 365 })
         _.delay(() => {
           const loginRedirect = Cookies.get('loginRedirect')
-          if (loginRedirect) {
+          if (loginRedirect === '/' && respObj.redirect) {
+            Cookies.remove('loginRedirect')
+            window.location.replace(respObj.redirect)
+          } else if (loginRedirect) {
             Cookies.remove('loginRedirect')
             window.location.replace(loginRedirect)
           } else if (respObj.redirect) {
diff --git a/server/models/users.js b/server/models/users.js
index 86bfbc5d..3ce42bc9 100644
--- a/server/models/users.js
+++ b/server/models/users.js
@@ -178,7 +178,7 @@ module.exports = class User extends Model {
       const e = _.find(profile.emails, ['primary', true])
       primaryEmail = (e) ? e.value : _.first(profile.emails).value
     } else if (_.isArray(profile.email)) {
-      primaryEmail = _.first(_.flattenDeep([profile.email]));
+      primaryEmail = _.first(_.flattenDeep([profile.email]))
     } else if (_.isString(profile.email) && profile.email.length > 5) {
       primaryEmail = profile.email
     } else if (_.isString(profile.mail) && profile.mail.length > 5) {
@@ -339,8 +339,14 @@ module.exports = class User extends Model {
     user.groups = await user.$relatedQuery('groups').select('groups.id', 'permissions', 'redirectOnLogin')
     let redirect = '/'
     if (user.groups && user.groups.length > 0) {
-      redirect = user.groups[0].redirectOnLogin
+      for (const grp of user.groups) {
+        if (!_.isEmpty(grp.redirectOnLogin) && grp.redirectOnLogin !== '/') {
+          redirect = grp.redirectOnLogin
+          break
+        }
+      }
     }
+    console.info(redirect)
 
     // Is 2FA required?
     if (!skipTFA) {