Avoid double redirects to /login and then to /login/.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2018-12-03 17:12:08 -08:00 · 2018-12-03 17:12:08 -08:00 · 9ba860b4f2
parent 02a79b677b
commit 9ba860b4f2
11 changed files with 20 additions and 30 deletions
--- a/docs/production/authentication-methods.md
+++ b/docs/production/authentication-methods.md
@ -216,10 +216,10 @@ to debug.
 * Since you've configured `/etc/zulip/settings.py` to only define the
  `zproject.backends.ZulipRemoteUserBackend`, `zproject/settings.py`
-  configures `/accounts/login/sso` as `HOME_NOT_LOGGED_IN`.  This
+  configures `/accounts/login/sso/` as `HOME_NOT_LOGGED_IN`.  This
  makes `https://zulip.example.com/` (a.k.a. the homepage for the main
  Zulip Django app running behind nginx) redirect to
-  `/accounts/login/sso` for a user that isn't logged in.
+  `/accounts/login/sso/` for a user that isn't logged in.
 * nginx proxies requests to `/accounts/login/sso/` to an Apache
  instance listening on `localhost:8888`, via the config in
--- a/frontend_tests/casper_lib/common.js
+++ b/frontend_tests/casper_lib/common.js
@ -18,7 +18,7 @@ function log_in(credentials) {
    }
    casper.test.info('Logging in');
-    casper.fill('form[action^="/accounts/login"]', {
+    casper.fill('form[action^="/accounts/login/"]', {
        username: credentials.username,
        password: credentials.password,
    }, true /* submit form */);
@ -106,7 +106,7 @@ exports.then_log_in = function (credentials) {
 };
 exports.start_and_log_in = function (credentials, viewport) {
-    var log_in_url = "http://zulip.zulipdev.com:9981/accounts/login";
+    var log_in_url = "http://zulip.zulipdev.com:9981/accounts/login/";
    exports.init_viewport();
    casper.start(log_in_url, function () {
        exports.initialize_casper(viewport);
--- a/frontend_tests/casper_tests/01-login.js
+++ b/frontend_tests/casper_tests/01-login.js
@ -6,7 +6,7 @@ common.init_viewport();
 casper.start(realm_url, common.initialize_casper);
 casper.then(function () {
-    casper.test.assertUrlMatch(/^http:\/\/[^/]+\/login/, 'Redirected to /login');
+    casper.test.assertUrlMatch(/^http:\/\/[^/]+\/login\/$/, 'Redirected to /login/');
 });
 common.then_log_in();
--- a/static/js/settings_account.js
+++ b/static/js/settings_account.js
@ -472,7 +472,7 @@ exports.set_up = function () {
                url: '/json/users/me',
                success: function () {
                    $("#deactivate_self_modal").modal("hide");
-                    window.location.href = "/login";
+                    window.location.href = "/login/";
                },
                error: function (xhr) {
                    var error_last_admin = i18n.t("Error: Cannot deactivate the only organization administrator.");
--- a/templates/zerver/dev_login.html
+++ b/templates/zerver/dev_login.html
@ -9,7 +9,7 @@
        {% else %}
        <h4 class="login-page-header">Click on a user to log in!</h4>
        {% endif %}
-        <p class="devlogin_subheader">{{ _('(Or visit the <a href="/login">normal login page</a>)') }}</p>
+        <p class="devlogin_subheader">(Or visit the <a href="/login/">normal login page</a>.)</p>
        <form name="direct_login_form" id="direct_login_form" method="post" class="login-form">
            <div class="control-group">
                <div class="controls">
--- a/tools/travis/success-http-headers.txt
+++ b/tools/travis/success-http-headers.txt
@ -6,16 +6,6 @@ WARNING: no certificate subject alternative name matches
  Content-Type: text/html; charset=utf-8
  Content-Length: 0
  Connection: keep-alive
  Location: /login
  Strict-Transport-Security: max-age=15768000
  X-Frame-Options: DENY
 Location: /login [following]
 Reusing existing connection to localhost:443.
  HTTP/1.1 301 Moved Permanently
  Server: nginx/1.4.6 (Ubuntu)
  Content-Type: text/html; charset=utf-8
  Content-Length: 0
  Connection: keep-alive
  Location: /login/
  Strict-Transport-Security: max-age=15768000
  X-Frame-Options: DENY
--- a/zerver/lib/rest.py
+++ b/zerver/lib/rest.py
@ -113,7 +113,7 @@ def rest_dispatch(request: HttpRequest, **kwargs: Any) -> HttpResponse:
            # browser, send the user to the login page
            if 'text/html' in request.META.get('HTTP_ACCEPT', ''):
                # TODO: It seems like the `?next=` part is unlikely to be helpful
-                return HttpResponseRedirect('%s/?next=%s' % (settings.HOME_NOT_LOGGED_IN, request.path))
+                return HttpResponseRedirect('%s?next=%s' % (settings.HOME_NOT_LOGGED_IN, request.path))
            # Ask for basic auth (email:apiKey)
            elif request.path.startswith("/api"):
                return json_unauthorized(_("Not logged in: API authentication or user session required"))
--- a/zerver/tests/test_docs.py
+++ b/zerver/tests/test_docs.py
@ -336,7 +336,7 @@ class PlansPageTest(ZulipTestCase):
        realm.save(update_fields=["plan_type"])
        result = self.client_get("/plans/", subdomain="zulip")
        self.assertEqual(result.status_code, 302)
-        self.assertEqual(result["Location"], "/accounts/login?next=plans")
+        self.assertEqual(result["Location"], "/accounts/login/?next=plans")
        # Test valid domain, with login
        self.login(self.example_email('hamlet'))
        result = self.client_get("/plans/", subdomain="zulip")
--- a/zerver/tests/test_sessions.py
+++ b/zerver/tests/test_sessions.py
@ -27,7 +27,7 @@ class TestSessions(ZulipTestCase):
        action()
        if expected_result:
            result = self.client_get('/', subdomain=realm.subdomain)
-            self.assertEqual('/login', result.url)
+            self.assertEqual('/login/', result.url)
        else:
            self.assertIn('_auth_user_id', self.client.session)
@ -39,7 +39,7 @@ class TestSessions(ZulipTestCase):
        for session in user_sessions(user_profile):
            delete_session(session)
        result = self.client_get("/")
-        self.assertEqual('/login', result.url)
+        self.assertEqual('/login/', result.url)
    def test_delete_user_sessions(self) -> None:
        user_profile = self.example_user('hamlet')
@ -75,7 +75,7 @@ class TestSessions(ZulipTestCase):
        self.client_post('/accounts/logout/')
        delete_all_deactivated_user_sessions()
        result = self.client_get("/")
-        self.assertEqual('/login', result.url)
+        self.assertEqual('/login/', result.url)
        # Test nothing happens to an active user's session
        self.login(self.example_email("othello"))
@ -92,4 +92,4 @@ class TestSessions(ZulipTestCase):
        user_profile_3.save()
        delete_all_deactivated_user_sessions()
        result = self.client_get("/")
-        self.assertEqual('/login', result.url)
+        self.assertEqual('/login/', result.url)
--- a/zproject/settings.py
+++ b/zproject/settings.py
@ -1304,17 +1304,17 @@ USING_APACHE_SSO = ('zproject.backends.ZulipRemoteUserBackend' in AUTHENTICATION
 if len(AUTHENTICATION_BACKENDS) == 1 and (AUTHENTICATION_BACKENDS[0] ==
                                          "zproject.backends.ZulipRemoteUserBackend"):
-    HOME_NOT_LOGGED_IN = "/accounts/login/sso"
+    HOME_NOT_LOGGED_IN = "/accounts/login/sso/"
    ONLY_SSO = True
 else:
-    HOME_NOT_LOGGED_IN = '/login'
+    HOME_NOT_LOGGED_IN = '/login/'
    ONLY_SSO = False
 AUTHENTICATION_BACKENDS += ('zproject.backends.ZulipDummyBackend',)
-# Redirect to /devlogin by default in dev mode
+# Redirect to /devlogin/ by default in dev mode
 if DEVELOPMENT:
-    HOME_NOT_LOGGED_IN = '/devlogin'
+    HOME_NOT_LOGGED_IN = '/devlogin/'
-    LOGIN_URL = '/devlogin'
+    LOGIN_URL = '/devlogin/'
 POPULATE_PROFILE_VIA_LDAP = bool(AUTH_LDAP_SERVER_URI)
--- a/zproject/test_settings.py
+++ b/zproject/test_settings.py
@ -136,8 +136,8 @@ TERMS_OF_SERVICE = 'corporate/terms.md'
 INLINE_URL_EMBED_PREVIEW = False
-HOME_NOT_LOGGED_IN = '/login'
+HOME_NOT_LOGGED_IN = '/login/'
-LOGIN_URL = '/accounts/login'
+LOGIN_URL = '/accounts/login/'
 # By default will not send emails when login occurs.
 # Explicity set this to True within tests that must have this on.