From 5ffbf53eafda2e3f15b13c48b6ea2c5f3eb07589 Mon Sep 17 00:00:00 2001
From: telnet23 <telnet23@users.noreply.github.com>
Date: Thu, 25 Sep 2025 22:07:53 -0400
Subject: [PATCH] feat(login): redirect back to original page after logging in

---
 internal/template/templates/views/login.html |  1 +
 internal/ui/login_check.go                   | 10 ++++++++++
 internal/ui/login_show.go                    |  2 ++
 internal/ui/middleware.go                    |  7 ++++++-
 4 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/internal/template/templates/views/login.html b/internal/template/templates/views/login.html
index 5462d4be..4815e79a 100644
--- a/internal/template/templates/views/login.html
+++ b/internal/template/templates/views/login.html
@@ -8,6 +8,7 @@
     {{ if not disableLocalAuth }}
     <form action="{{ route "checkLogin" }}" method="post">
         <input type="hidden" name="csrf" value="{{ .csrf }}">
+        <input type="hidden" name="redirect_url" value="{{ .redirectURL }}">
 
         {{ if .errorMessage }}
             <div role="alert" class="alert alert-error">{{ .errorMessage }}</div>
diff --git a/internal/ui/login_check.go b/internal/ui/login_check.go
index 2c3703ef..f8c119b5 100644
--- a/internal/ui/login_check.go
+++ b/internal/ui/login_check.go
@@ -6,6 +6,7 @@ package ui // import "miniflux.app/v2/internal/ui"
 import (
 	"log/slog"
 	"net/http"
+	"net/url"
 
 	"miniflux.app/v2/internal/config"
 	"miniflux.app/v2/internal/http/cookie"
@@ -22,6 +23,8 @@ func (h *handler) checkLogin(w http.ResponseWriter, r *http.Request) {
 	clientIP := request.ClientIP(r)
 	sess := session.New(h.store, request.SessionID(r))
 	view := view.New(h.tpl, r, sess)
+	redirectURL := r.FormValue("redirect_url")
+	view.Set("redirectURL", redirectURL)
 
 	if config.Opts.DisableLocalAuth() {
 		slog.Warn("blocking local auth login attempt, local auth is disabled",
@@ -93,5 +96,12 @@ func (h *handler) checkLogin(w http.ResponseWriter, r *http.Request) {
 		config.Opts.BasePath(),
 	))
 
+	if redirectURL != "" {
+		if parsedURL, err := url.Parse(redirectURL); err == nil && !parsedURL.IsAbs() {
+			html.Redirect(w, r, redirectURL)
+			return
+		}
+	}
+
 	html.Redirect(w, r, route.Path(h.router, user.DefaultHomePage))
 }
diff --git a/internal/ui/login_show.go b/internal/ui/login_show.go
index 6f4d55da..eebc69ee 100644
--- a/internal/ui/login_show.go
+++ b/internal/ui/login_show.go
@@ -27,5 +27,7 @@ func (h *handler) showLoginPage(w http.ResponseWriter, r *http.Request) {
 
 	sess := session.New(h.store, request.SessionID(r))
 	view := view.New(h.tpl, r, sess)
+	redirectURL := request.QueryStringParam(r, "redirect_url", "")
+	view.Set("redirectURL", redirectURL)
 	html.OK(w, r, view.Render("login"))
 }
diff --git a/internal/ui/middleware.go b/internal/ui/middleware.go
index 6e37f916..6d113fac 100644
--- a/internal/ui/middleware.go
+++ b/internal/ui/middleware.go
@@ -8,6 +8,7 @@ import (
 	"errors"
 	"log/slog"
 	"net/http"
+	"net/url"
 
 	"miniflux.app/v2/internal/config"
 	"miniflux.app/v2/internal/crypto"
@@ -42,7 +43,11 @@ func (m *middleware) handleUserSession(next http.Handler) http.Handler {
 				slog.Debug("Redirecting to login page because no user session has been found",
 					slog.String("url", r.RequestURI),
 				)
-				html.Redirect(w, r, route.Path(m.router, "login"))
+				loginURL, _ := url.Parse(route.Path(m.router, "login"))
+				values := loginURL.Query()
+				values.Set("redirect_url", r.RequestURI)
+				loginURL.RawQuery = values.Encode()
+				html.Redirect(w, r, loginURL.String())
 			}
 		} else {
 			slog.Debug("User session found",