magento2-force-login
magento2-force-login copied to clipboard
multistore / subfolder / redirect to root
Hi, if you have multistore configuration, with a website configurated in subfolder, multiples problems occured :
- homepage is in whitelist with rule by default (regex) on all websites. But visiting homepage for website configurated in subfolder redirect to its customer/account/login page. => Should not force login as homepage is authorized. => to fix this, we have to re-add another entry with the subfolder in the regex rule.
if error occured on login, the visitor is redirected to root level (website) and not the website he was trying to log in.
Configuration default website : https://mywebsite.com/ Force login not enabled
Configuration first website : https://mywebsite.com/ force login not enabled
Configuration second website : https://anothersite.com/specific/ force login ENABLED
configuration third website : https://anothersite.com/ force login not enabled
trying to access homepage for https://anothersite.com/specific/ redirect to https://anothersite.com/specific/customer/account/login even with default entries.
Making error in logging in to https://anothersite.com/specific/customer/account/login redirects visitor to https://anothersite.com/ instead of https://anothersite.com/specific/
Preconditions
Magento Version : 2.3.4
Force Login Module Version : Latest
Even if we add entries for this specific store, we had to precise everytime the subfolder.
@nelero thanks for your first bug report. Mind providing a PR to fix this issue?
Hi i got the same problem, did you find a solution??
@nelero Latest version was latest "stable" version, or dev-master? @nelero @maurixxxx we added some fixes to the master, do you mind testing your issue, if everything works fine now or report any (new) issue occuring?
I'll try it
I did the upgrade to the 4.1.0 version but it doesn't fix the issue. After login customer is redirect to the main domain.
and if i disable the module everything goes right.
In my opinion the problem is the AfterLoginPlugin, a part of code is:
$targetUrl = $this->session->getAfterLoginReferer();
if (empty($targetUrl)) {
$targetUrl = $this->defaultTargetUrl;
}
If Redirect Customer to Account Dashboard after Logging in
is NO then targetUrl allway is empty. For that defaultTargetUrl is used as final url. As you can see in di.xml file defaultTargetUrl is / instead of /spesific/.
<type name="BitExpert\ForceCustomerLogin\Plugin\AfterLoginPlugin">
<arguments>
<argument name="defaultTargetUrl" xsi:type="string">/</argument>
</arguments>
</type>
Maybe there is an explanation about this behaviour but it doesn't have for me.
I've write a custom module that have a plugin of bitExpert's AfterLoginPlugin. This plugin dynamically decide which is the final url:
public function afterAfterExecute(\BitExpert\ForceCustomerLogin\Plugin\AfterLoginPlugin $overrided, $resultRedirect)
{
$targetUrl = $this->session->getAfterLoginReferer();
if (empty($targetUrl) && $this->session->isSessionExists()) {
$resultRedirect->setUrl($url);
}
return $resultRedirect;
}
private function getBaseUrl()
{
$secure = $this->getForceSecureRedirectOption();
$secure = ($secure === true) ? true : null;
return $this->storeManager->getStore()->getBaseUrl(\Magento\Framework\UrlInterface::URL_TYPE_WEB, $secure);
}
private function getForceSecureRedirectOption()
{
return (bool) $this->scopeConfig->getValue(
LoginCheckInterface::MODULE_CONFIG_FORCE_SECURE_REDIRECT,
ScopeInterface::SCOPE_STORE
);
}
Anyway bitExpert team, thanks for the great plug in.