Custom redirection after login not working as expected

Hi @theogk,

Thanks for raising issue, I have created an internal ticket for this, I will get back to you on this asap.

Regards

@hjogiupdraftplus – I can confirm the behavior on multisite installations too. In a missing post it was pointed out to try deleting line 23 of the file listed below.

wp-content\plugins\all-in-one-wp-security-and-firewall\classes\wp-security-wp-loaded-tasks.php

//add_action('login_init', array($this, 'aiowps_login_init'));

I can confirm that commenting out that line corrects the problem on both stand alone and multisite installations. You may pass this information to your development team to incorporate a permanent fix.

@rhapsody348 ‘s comment fixes indeed the first scenario (a), where a user is logged out and performs the login process. With the aiowps_login_init function commented out the redirect works fine.

But it still doesn’t work on the scenario (b) when a user is already logged (in another tab for example) and clicks the link with the redirect_to . In this case too, the admin should be redirected to the correct page.

Hi @theogk,

Ok, I will cross check if user already logged in and click link with redirect_to why do not works. considering you do not use rename login page feature.

Regards

Hi @theogk

If We cross check here for

a) after a (previously logged out) admin successfully logs in via the login link containing the redirect_to parameter

Step 1: Install AIOS 5.2.9 and activate it.

Step 2: Go to WP security > User security > Salt – enable saltpostfix and save – which shows confirm message ( but logs out the admin )

Step 3- click Settings redirects to below url on login it redirects

https://aios210324.test/wp-login.php?redirect_to=http%3A%2F%2Faios210324.test%2Fwp-admin%2Foptions-general.php&reauth=1

What I can see diffrent is the &reauth=1 not in your link

b) when an admin is already logged in (another tab) and visits the login link containing the redirect_to parameter without &reauth=1 it is the issue. but why &reauth=1 is not added if it is there it will load the login page.

https://aios210324.test/wp-login.php?redirect_to=http%3A%2F%2Faios210324.test%2Fwp-admin%2Foptions-general.php

Regards

Hi @theogk

Can any one of you please reply my last comment. below is minor change to comment for step3 so could be understood more.

a) Step -3 If I cross check on login it redirects as expected there seems no issue if &reauth=1 is added.

@hjogiupdraftplus – I tried the test file you posted in a previously deleted thread. This was on a multisite installation. It appears to operate properly.

@rhapsody348

Thanks

Hi @hjogiupdraftplus, I’m sorry I missed your reply.

Scenario (a) for logged-out users seems to work fine when salt postfix is enabled. It works fine both with and without &reauth=1 parameter.

In scenario (b) when an admin is already logged in in another tab, the redirect doesn’t work for both cases where &reauth=1 is present or not.

I initially skipped the reauth parameter in my example because I didn’t want to force the admin to re-authenticate, but just redirect him to the redirect_to URL. But it’s not a big problem for me to re-auth. But right now it is still not working for scenario (b) even if &reauth=1 is present.

Please have a look again. Thank you

Hi @theogk

Some how I senth the zip for fix and related reply in this topic seems not visible,

rhapsody348 has tested and it works fine there.

We have considered the redirect_to param. Can you please upload the zip as Add a new plugin and replace it with the existing AIOS plugin and confirm there is no anymore any issue?

https://gofile.io/d/TWzLVe

Regards

Hi @hjogiupdraftplus!

Yes, I couldn’t see any zip in the previous replies, but now is visible.

I just tested it and it works correctly in all scenarios (a & b) and with or without reauth parameter.

Thank you very much, I really appreciate it ??

Hi @theogk,

Glad to know the fix works correctly there.

Regards