fix: bypass auth redirect cookie when set to homepage

client/components/login.vue

@@ -644,7 +644,10 @@ export default {
         Cookies.set('jwt', respObj.jwt, { expires: 365 })
         _.delay(() => {
           const loginRedirect = Cookies.get('loginRedirect')
-          if (loginRedirect) {
+          if (loginRedirect === '/' && respObj.redirect) {
+            Cookies.remove('loginRedirect')
+            window.location.replace(respObj.redirect)
+          } else if (loginRedirect) {
             Cookies.remove('loginRedirect')
             window.location.replace(loginRedirect)
           } else if (respObj.redirect) {

server/models/users.js

@@ -178,7 +178,7 @@ module.exports = class User extends Model {
       const e = _.find(profile.emails, ['primary', true])
       primaryEmail = (e) ? e.value : _.first(profile.emails).value
     } else if (_.isArray(profile.email)) {
-      primaryEmail = _.first(_.flattenDeep([profile.email]));
+      primaryEmail = _.first(_.flattenDeep([profile.email]))
     } else if (_.isString(profile.email) && profile.email.length > 5) {
       primaryEmail = profile.email
     } else if (_.isString(profile.mail) && profile.mail.length > 5) {
@@ -339,8 +339,14 @@ module.exports = class User extends Model {
     user.groups = await user.$relatedQuery('groups').select('groups.id', 'permissions', 'redirectOnLogin')
     let redirect = '/'
     if (user.groups && user.groups.length > 0) {
-      redirect = user.groups[0].redirectOnLogin
+      for (const grp of user.groups) {
+        if (!_.isEmpty(grp.redirectOnLogin) && grp.redirectOnLogin !== '/') {
+          redirect = grp.redirectOnLogin
+          break
+        }
+      }
     }
+    console.info(redirect)
 
     // Is 2FA required?
     if (!skipTFA) {