[#7756] upon expired password, send user directly to pwd expiration form
diff --git a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py
index fca553c..da3c808 100644
--- a/Allura/allura/controllers/auth.py
+++ b/Allura/allura/controllers/auth.py
@@ -287,8 +287,7 @@
location = tg.url(plugin.AuthenticationProvider.pwd_expired_allowed_urls[0], dict(return_to=return_to))
else:
location = tg.url(plugin.AuthenticationProvider.pwd_expired_allowed_urls[0])
-
- if return_to and return_to != request.url:
+ elif return_to and return_to != request.url:
rt_host = urlparse(urljoin(config['base_url'], return_to)).netloc
base_host = urlparse(config['base_url']).netloc
if rt_host == base_host:
diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py
index a775e45..cc6ce56 100644
--- a/Allura/allura/tests/functional/test_auth.py
+++ b/Allura/allura/tests/functional/test_auth.py
@@ -1329,8 +1329,8 @@
class TestPasswordExpire(TestController):
- def login(self, username='test-user', pwd='foo'):
- r = self.app.get('/auth/', extra_environ={'username': '*anonymous'})
+ def login(self, username='test-user', pwd='foo', query_string=''):
+ r = self.app.get('/auth/' + query_string, extra_environ={'username': '*anonymous'})
f = r.forms[0]
f['username'] = username
f['password'] = pwd
@@ -1473,7 +1473,11 @@
return_to = '/p/test/tickets/?milestone=1.0&page=2'
self.set_expire_for_user()
with h.push_config(config, **{'auth.pwdexpire.days': 90}):
- r = self.login()
+ r = self.login(query_string='?' + urlencode({'return_to': return_to}))
+ # don't go to the return_to yet
+ assert_equal(r.location, 'http://localhost/auth/pwd_expired?' + urlencode({'return_to': return_to}))
+
+ # but if user tries to go directly there anyway, intercept and redirect back
self.assert_redirects(where=return_to)
r = self.app.get('/auth/pwd_expired', extra_environ={'username': 'test-user'})
