0

In my grails app I use interceptors for checking if a user is logged in or not. If not, the user should be redirected to the login page (/account/index). This does not work for some reason. (Additional info: I didn't define namespaces for my controllers.)

The relevant code snippets from my application:

class UrlMappings {

static mappings = {
    "/$controller/$action?/$id?(.$format)?"{
        constraints {
            // apply constraints here
        }
    }

    "/"(controller: "account", action:"index")
    "500"(view:'/error')
    "404"(view:'/notFound')
  }
}

In application.yml I have set:

grails:
    profile: web
    cors:
        enabled: true
    codegen:
        defaultPackage: myapp
    gorm:
        reactor:
            # Whether to translate GORM events into Reactor events
            # Disabled by default for performance reasons
            events: false
spring:
    jmx:
        unique-names: true
    main:
        banner-mode: "off"
    groovy:
        template:
            check-template-location: false
    devtools:
        restart:
            additional-exclude:
                - '*.gsp'
                - '**/*.gsp'
                - '*.gson'
                - '**/*.gson'
                - 'logback.groovy'
                - '*.properties'
                - 'grails-app/views/**'
                - 'grails-app/i18n/**'
                - 'grails-app/conf/**'
management:
    endpoints:
        enabled-by-default: false

but setting the cors to enabled or removing these lines didn't make any difference.

The redirect in an interceptor (I've got one interceptor for each controller, I think that's the way to go), looks like this:

class ZoneInterceptor {

    boolean before() {
        Boolean allowed = session?.user != null
        if (!allowed) {
            redirect(controller: "account", action: "index")
            return false
        }
        return allowed
    }

    boolean after() { true }

    void afterView() {
        // no-op
    }
}

This code gives me a funky message: the browser shows a popup "Open xdg-open? A website wants to open this application" (using the latest chromium and brave browser, both react in the same way, firefox just doesn't do anything. That's why I think the problem is definitely on my side).

How can I solve that? I just want to have a proper redirect, not any xdg-open popup.

Thanks for all your help in advance!

sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
Manfred
  • 3
  • 3
  • If `session?.user` is `null` you are redirecting to `controller: "account", action: "index"`. It looks like at that point the interceptor would intercept the redirect request and `session?.user` would still be `null` so you would redirect again. Is that the case? – Jeff Scott Brown Jul 20 '20 at 14:42
  • No, the ZoneInterceptor is for the ZoneController, the AccountInterceptor looks a bit different: following the allowed = ... line I have put: allowed |= actionName == "index" (and a few more). So that works without getting into permanent redirects. – Manfred Jul 20 '20 at 19:30
  • "This code gives me a funky message: the browser shows a popup "Open xdg-open?" - I cannot reproduce the problem. Are you able to reproduce it in a sample app that can be shared? – Jeff Scott Brown Jul 23 '20 at 18:47
  • "I just want to have a proper redirect, not any xdg-open popup." - The xdg-open popup is not caused by the redirect. There is something else in your app that is relevant. – Jeff Scott Brown Jul 23 '20 at 21:04
  • I tried to set up a small demo example, but wasn't able to reproduce it either. I will thoroughly check my dependencies between Interceptors. That's the hope I have to find my mistake there. Thanks to everyone who contributed, I will post if I find the solution (or come up with a better question). – Manfred Aug 03 '20 at 15:42

0 Answers0