I have a link pointing to restricted page. When I access the link directly in logout status, its redirect to 404. Actually it should redirect to login form.
I tried:
config {
typolinkLinkAccessRestrictedPages=PAGE_ID
typolinkLinkAccessRestrictedPages_addParams = &return_url=###RETURN_URL###&pageId=###PAGE_ID###
}
Not working.
Also I tried the login status redirect plugin, no use.
Anyone know how to do this? I am using TYPO3 version 4.4.8.
As this is still unanswered, does this help?
Valid for TYPO3 < 8.x
# Check if user is logged in:
[usergroup = *]
# do something
[else]
page.config >
page.config.additionalHeaders = Location: http://www.yourdomain.org/login.html
[end]
I recently posted this to another questions and it crossed my mind that it might be a suitable workaround for your probem.
Found here
I'm not sure how to make redirection work correctly, but perhaps a bit of background will be helpful.
typolinkLinkAccessRestrictedPages only interacts with link generation. That way, anywhere you have a link to an access restricted page, you should get a link that points to the "PAGE Id" page. I suspect you are using your login pid in place of PAGE Id, which I guess should work, but I haven't used this particular feature. I have typolinkLinkAccessRestrictedPages = NONE which makes all links show up, linked to the correct url, but only users who are logged in will successfully load those pages.
If anyone, without being logged in, uses a bookmark to an access restricted page, or they click on one of these links, or directly type in the address, or whatever, they will run into TYPO3's 404 handling (with the error message: ID was not an accessible page). To change how TYPO3 handles these errors, you need to change what TYPO3 does via this setting in localconf.php:
$TYPO3_CONF_VARS["FE"]["pageNotFound_handling"]
I don't know if there's a clean way to just automatically redirect to the login page without hacking the pageNotFound_handling.
As far as the typoscript solution, that wouldn't work for my site, because the trigger isn't whether or not someone is logged in (often they will not be logged in)--the trigger for my site is trying to access a protected page when you are not logged in. I don't want it to redirect everyone who isn't logged in because a lot of pages don't require any login.
Fe_login cannot alone do this...
Follow these steps::
Install "pagenotfoundhandling" extention after felogin login
configuration.
Configure 403 page as login page in "pagenotfoundhandling" extention configuration.
Then, when you try to access "Access restricted page", "pagenotfoundhandling" will redirect to login page then pagenotfoundhandling handle redirect to again requested page. I have tested this on TYPO3 6.2.14
And I found an other workaround that looks like it should work fine.
# pages and subpages starting at 123 and 321 are restricted
[PIDinRootline = 123,321] && [loginUser = ]
page.headerData.666 = TEXT
page.headerData.666 {
data = getIndpEnv:TYPO3_REQUEST_URL
wrap = <meta http-equiv="refresh" content="0; URL=/passwort/?referer= | " />
}
[global]
Important notice: Do not restrict the complete page, only all contents of the page. Otherwise RealURL will trigger the 404 handler.
At the moment page.config.additionalHeaders (like used by #Mateng) does not support stdWrap, though you cannot add a referrer to redirect to the desired page after login (see TYPO3 Forge and vote for feature request).
Complete solution :
1. first in typo3conf/LocalConfiguration.php you have to add:
'FE' => [
'pageNotFound_handling' => 'REDIRECT:/login/',
"pageNotFound_handling_statheader" => 'HTTP/1.1 404 Not Found',
...
],
then add to typoscript :
'
config {
typolinkLinkAccessRestrictedPages = YOUR_LOGIN_PAGE_ID
typolinkLinkAccessRestrictedPages_addParams = &return_url=###RETURN_URL###
}
plugin.tx_felogin_pi1.redirectMode = referer
'
Because there seems no proper solution for this behaviour of TYPO3, I use the following workaround with RealURL.
Create a 404 page in TYPO3
set the Speaking URL path segment to "404-error" and check
Override the whole page path
Add a text that describes what is happening (i. e. "Page doesn't exist or is restricted, please login")
Add the felogin plugin to that page and hide it when users are logged in
Set [FE][pageNotFound_handling] = /404-error/ in the install tool
This 404-error page is shown every time a user requests a page that he is either not allowed to see or a page that does not exist. When the user uses the login form on the page, he will find the proper content immediately after login because the URI did not change at all (when there is no redirect configured for the fe_login plugin).
Related
We would like to keep the ideas we have previously presented to (non logged in) clients, but which are no longer "current". We set them to being private WP posts, so that they are no longer available to non logged in users. However, we would like to redirect anyone who clicks on that original link to a page which shows all of the currently active ideas instead.
Research led me to the solution below, but in our case we need to redirect to a specific url in each case. Our theme (the amazing Total theme from WP Explorer/AJ) does have a field for the redirect url to be entered at post level, but actually the value of the url is determined by the value of a custom taxonomy on a post ie all posts with that Taxonomy should redirect to the same url in all cases.
add_action('template_redirect', 'your_theme_private_posts_redirect', 99);
function your_theme_private_posts_redirect()
{
if (is_single() && 'private' == get_post_status(get_the_ID())) {
wp_safe_redirect(home_url());
exit();
}
}
Credit https://stackoverflow.com/questions/68954429/wordpress-how-to-redirect-private-custom-post-types
I understand that the above code would redirect all private posts to the home url, but how can I adapt it to do the following:
a) Only to apply to non logged in users and b)to set the url to be the value held in the redirect field on the post OR (better still) a custom field on the agency_artist custom taxonomy for that post. Hoping someone can help!
I'm using felogin - to get it to work I set it up in TypoScript in my root template:
plugin.tx_felogin_pi1 {
storagePid = 40,38,36,35,51
showForgotPasswordLink = 1
redirectMode = groupLogin,userLogin,login,loginError
redirectPageLogout = 6
...
It works fine, except when I try to logout while being on a page with restricted access because then it tries to find that restricted-page and for those cases I set up the install tool to redirect it to a "Page not found" template.
I noticed the logout-form action always points to the page ID I'm currently on:
<form action="index.php?id=49" target="_top" method="post">
so that's not what I want...I would like it to always be action="index.php?id=6" but my redirectPageLogout = 6 line didn't manage to change it.
Anyone an idea how can I change this?
In the felogin html template there's just ###ACTION_URI### and idk where it gets that from in the logout-form but I wanna play by the rules and not change it in the template directly...unless there's no other way.
You need to have access to a login-/logout-plugin after your logout is processed to get the forwarding working.
So if your logout plugin is on a page which is only invisible for logged in user. the logout is processed, but your redirect can't be processed (the default-handling of TYPO3 takes over and throws you to a page which is accessable). The same occurs if only the plugin itself is only visible for logged in users.
if you target the logout form directly to a page with a plugin visible for all, first the logout and secondly the redirect can be processed always.
I'm using oracle apex 5.
From the application, I'm sending mails for different users with different page links based on user roles.
For example, my app_id is 222.
For an user: the url link sent to user mail id is <hostname>:<port>/apex/f?p=222:5
For a manager: the url link sent to user mail id is <hostname>:<port>/apex/f?p=222:7
In Chrome it works fine, as the user or manager goes to link and after login, they are redirected to respective pages as 5 or 7.
But in IE, it always goes to Home page which is 1.
I have tried with APEX_CUSTOM_AUTH.LOGIN in the after submit branch pl/sql procedure of login button as well (of the login page ).
BEGIN
APEX_CUSTOM_AUTH.LOGIN (
P_UNAME => :P101_USERNAME,
P_PASSWORD => :P101_PASSWORD,
p_session_id => V('APP_SESSION'),
p_app_page => :APP_ID||':7'|| :p_session_id);
END;
Again it works good in chrome, but NOT in IE.
In IE, it always goes to home page. IE version is 11. Why in IE, it's not able to goto the page needed?. Please help.
(Chrome version 54. By the way how it works good in chrome?).
This is not academic solution but will work.
Set a parameter in your application to know if people comes from a mail or normal login.
Set a parameter in your application where you store the value from the link in the mail.
Now the magic, do a Dynamic Action on Page Load and use JS to redirect to the desired page, obviously the DA has to be conditional and the condition must be the parameter where you came from.
I'm trying to redirect the user to another page (default/news) after the login(on default/index) but no matter how much i tried i couldn't get it done. I'm using the login available in the navbar.
I've added this line to db.py
auth.settings.login_next=URL(r=request, c='default', f='news')
Everything in the default controller is the same it includes
def news():
message = "Welcome to News!"
return locals()
I've also tried with this
auth.settings.login_next=URL('news')
Which doesn't work either. Please Help.
Edit:
After searching for days i've found the answer here This is how you do it.
#In layout.html change
<ul id="navbar" class="nav pull-right">{{='auth' in globals() and auth.navbar(mode="dropdown") or ''}}</ul>
# to
<ul id="navbar" class="nav pull-right">{{='auth' in globals() and auth.navbar(mode="dropdown",referrer_actions=None) or ''}}</ul>
And again a change in db.py
#In db.py add these lines:
auth.settings.login_next = URL('news')
That worked for me.
The auth.settings.login_next URL is only a default in case there is no referrer already in the login URL (the referrer is in the "_next" query string variable). The navbar automatically includes a referrer in the auth action links (set to the URL of the current page) -- to override that, you can explicitly specify thereferrer_actions argument and exclude actions for which the referrer should not be set:
{{=auth.navbar(..., referrer_actions=['register', ...])}}
It's now April 2016, and while the original question is still highly relevant, it appears that web2py has changed and the modifications suggested above to layout.html are no longer relevant. There is no reference to "auth.navbar" in the standard layout.html.
The good news is, that all one needs to do is include the python code described above in the default.py controller and it works. Note, I put it in the 'user' function, I'm not sure if that is the best place to put it as most comments just say to put it in 'the controller', without specifying a function.
def user():
auth.settings.login_next = URL('default','dashboard')
return dict(form=auth())
I was able to redirect to a user's home page after login/signup by putting the following code in my product info page.
This way, when they get redirected back to the welcome-product-info page, I check to see if they came from login or signup and direct them to where they should go.
I'd love to find way to use auth.settings.login_next
#
def info():
# If just signed up or just logged in, go to the user's home page and not
# back to this product landing page that referred them
if auth.is_logged_in():
if '/default/user/login?_next=/fnd/home/info' in request.env.http_referer:
redirect( URL( 'user', 'show_campaigns') )
if '/default/user/register?_next=/fnd/home/info' in request.env.http_referer:
redirect( URL( 'user', 'show_campaigns') )
return dict()
I am currently developing an extension to display information for user after frontend login. The user has to accept them (like terms and conditions).
Now I am looking for a good and secure logout mechanism:
User gets redirect after login to information page
State: FE Login is available
User reads information, can click "Accept" and "Logout"
if Accept: redirect to user start page
if Logout: go to Loginpage with "logintype=logout"
Now here is the problem:
In step 2, user can enter any valid URL in Browser, and TYPO3 has valid FE Login already (Step 1) -> Page is displayed without accept.
First solution idea: Logout always at step 1, login again if click on Accept. But I don't know the user credentials for automatic login, is this possible somehow?
Second solution idea: add a cookie, and in TypoScript Template make a condition with redirect to logout. Not my favourite solution, as cookies are too easy to manipulate. And we always have strange problems with cookies, as some users are sharing their workstations.
Third solution idea: add a flag to fe_user table, if set redirect to logout. Problem: We have already performance issues. Is there a solution that dont increase the page loading time? I suppose this check has to be done with every page loading...
Do you have any solution ideas for that?
TYPO3 4.5
Extension is ExtBase
add code to fe_login extension is a possible option, we have already changes there
Here is my solution code, if someone needs it:
1) Add user Key in the extension - there is no direct Cookie Access to that:
$GLOBALS['TSFE']->fe_user->setKey('user', 'acceptFromExtension', 1);
$GLOBALS['TSFE']->storeSessionData();
2) Remove Key if accepted:
if accepted {
$GLOBALS['TSFE']->fe_user->setKey('user', 'acceptFromExtension', 0);
$GLOBALS['TSFE']->storeSessionData();
}
2) Check Key with TypoScript - its stored in fe_user|uc:
[globalVar = TSFE:fe_user|uc|acceptFromExtension> 0]
page.config >
page.config.additionalHeaders = Location: http://www.mydomain.com/index.php?id=111&logintype=logout
[END]
Thanks to sankar-v for that!
Can't we use session? Set a session variable when the user clicks on accept and then use a typoscript condition like:
[globalVar = TSFE:fe_user|sesData|accept > 0]
page.10.userFunc = tx_templavoila_pi1->main_page
[ELSE]
page.10 = TEXT
page.10.value = You are not allowed to visit this page
or
page.config >
page.config.additionalHeaders = Location: http://www.yourdomain.org/login.html
[END]
While you have own extension, you can just programmically logoff the user in it and then redirect the browser to any other page ($somePreparedUri can be created in your extension or i.e. fetched from TypoScript - as a static value - depends on your needs)
if (!$accepted)
$GLOBALS['TSFE']->fe_user->logoff();
return $this->redirectToUri($somePreparedUri);
)