Enable to keep current page after logout instead of redirect to login #3566
Conversation
…to login Dokuwiki redirects to login page after logout even if guest user is allowed to access current page. For enable guest user to keep current page, add the setting itme named 'redirect_to_login_after_logout' whose class is onoff: If $conf['redirect_to_login_after_logout'] is 1 (default), dokuwiki redirect to login page after logout. Otherwise it keeps current page. Signed-off-by: Naoto Kobayashi <naoto.kobayashi4c@gmail.com>
|
Can you explain why you 'd want this? When I log out, it makes sense to be able to log in as someone else right away. What do you mean by guest users? Non-Logged in users? Why would they log out when they aren't logged in? |
|
@splitbrain the redirection to the login page with "?do=login" seems to cause a login loop when a single oauth service is enabled (I think cosmocode/dokuwiki-plugin-oauth#59 was caused by this). You can't logout when redirected to the login page. This configuration option fixes this. There are two scenarios when activating the redirection without the login option:
By implementing the redirection with a configuration option you still can have the behavior where you immediately get redirected to the login form again. But some people (especially SSO users) don't want to have it. I implemented the redirection by @YoitoFes in my plugin for GitLab oauth and it seems to fix the SSO login loop (see lprobsth/dokuwiki-plugin-oauthgitlab@70fb6ba). But I don't think this should be done on oauth IdP level. If you don't want to merge this in dokuwiki then we maybe should implement it in the oauth plugin? |
To me, this would be the expected flow. I click logout, not login, so why do I go to a login page?
You are probably an admin user on various wikis and have an admin as well as a normal user account. Or you might have a second account to not attract undue attention to random edits. Most users don't have alter egos and don't want to login after logging out.
Indeed, OP meant users that are not logged in.
They were logged in, but it's about a page that is also accessible to a 'guest user' (someone not logged in), so when logging out, if you still have permission to view the page, you might want to continue where you left off rather than get kicked back to a login page. |
|
@splitbrain Sorry for late reply.
I want to keep access the page where I logoff rather than get back to a login page.
The answer by @bleetsheep fits in exactly with my thinking. Thank @bleetsheep for the detailed explanation. |
|
I am hesitant to add this to the oauth plugin, because this behavior is standard in DokuWiki. When you log out, you are redirected to the login screen, regardless of auth system. I am somewhat surprised that nobody ever complained about this behavior in DokuWiki core. I would prefer to have this behavior discussed with a broader audience and in context of DokuWiki in general first. @YoitoFes can you open a issue about this on splitbrain/dokuwiki or maybe do a forum post? If we want to change this, it should be changed in DokuWiki first. |
|
Thank you for your feedbacks. I will post the issue. This PR only adds the option whether Dokuwiki will keep current page after logout (default is No), there is no change with default settings. |
|
close #3650 |
Dokuwiki redirects to login page after logout even if guest user is allowed to access current page.
For enable guest user to keep current page, add the setting itme named
redirect_to_login_after_logoutwhose class is onoff:If
$conf['redirect_to_login_after_logout']is 1 (default), dokuwikiredirect to login page after logout. Otherwise it keeps current page.