Fix login loop for private instances

GET /login and POST /login have 2 distinct route name. Fixes #1533
author: ArthurHoaro <arthur@hoa.ro> 2020-09-01 11:26:24 +0200
committer: ArthurHoaro <arthur@hoa.ro> 2020-09-01 11:26:24 +0200
commit: 14fcfb521341fd7619cab0301cef699cb42d2080 (patch)
tree: 7c4edd65f8058df2bc4962a1dcd148fa5859b0a3 /application/front/ShaarliMiddleware.php
parent: 0e60b7f1741c35b68a37e0705521669e1191774e (diff)
download: Shaarli-14fcfb521341fd7619cab0301cef699cb42d2080.tar.gz
Shaarli-14fcfb521341fd7619cab0301cef699cb42d2080.tar.zst
Shaarli-14fcfb521341fd7619cab0301cef699cb42d2080.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php
index c015c0c6..d1aa1399 100644
--- a/application/front/ShaarliMiddleware.php
+++ b/application/front/ShaarliMiddleware.php
@@ -94,7 +94,7 @@ class ShaarliMiddleware
            && $this->container->conf->get('privacy.force_login')
            // and the current page isn't already the login page
            // and the user is not requesting a feed (which would lead to a different content-type as expected)
-            && !in_array($next->getName(), ['login', 'atom', 'rss'], true)
+            && !in_array($next->getName(), ['login', 'processLogin', 'atom', 'rss'], true)
        ) {
            throw new UnauthorizedException();
        }
author	ArthurHoaro <arthur@hoa.ro>	2020-09-01 11:26:24 +0200
committer	ArthurHoaro <arthur@hoa.ro>	2020-09-01 11:26:24 +0200
commit	14fcfb521341fd7619cab0301cef699cb42d2080 (patch)
tree	7c4edd65f8058df2bc4962a1dcd148fa5859b0a3 /application/front/ShaarliMiddleware.php
parent	0e60b7f1741c35b68a37e0705521669e1191774e (diff)
download	Shaarli-14fcfb521341fd7619cab0301cef699cb42d2080.tar.gz Shaarli-14fcfb521341fd7619cab0301cef699cb42d2080.tar.zst Shaarli-14fcfb521341fd7619cab0301cef699cb42d2080.zip

diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index c015c0c6..d1aa1399 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php
@@ -94,7 +94,7 @@ class ShaarliMiddleware
94	&& $this->container->conf->get('privacy.force_login')	94	&& $this->container->conf->get('privacy.force_login')
95	// and the current page isn't already the login page	95	// and the current page isn't already the login page
96	// and the user is not requesting a feed (which would lead to a different content-type as expected)	96	// and the user is not requesting a feed (which would lead to a different content-type as expected)
97	&& !in_array($next->getName(), ['login', 'atom', 'rss'], true)	97	&& !in_array($next->getName(), ['login', 'processLogin', 'atom', 'rss'], true)
98	) {	98	) {
99	throw new UnauthorizedException();	99	throw new UnauthorizedException();
100	}	100	}