2697: Make the login page guess where to redirect r=mergify[bot] a=nextgens
## What type of PR?
enhancement
## What does this PR do?
Make the login page guess where to redirect.
If you access /admin/ and get redirected to /sso/login, it's only fair that it redirects you back to /admin afterwards.
This is also changing the interface for external proxy authentication, making it simpler to configure.
### Related issue(s)
- close#2692
- #1972
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
Co-authored-by: Dimitri Huisman <52963853+Diman0@users.noreply.github.com>
@ -375,6 +375,15 @@ The ``PROXY_AUTH_WHITELIST`` (default: unset/disabled) option allows you to conf
Use ``PROXY_AUTH_HEADER`` (default: 'X-Auth-Email') to customize which HTTP header the email address of the user to authenticate as should be and ``PROXY_AUTH_CREATE`` (default: False) to control whether non-existing accounts should be auto-created. Please note that Mailu doesn't currently support creating new users for non-existing domains; you do need to create all the domains that may be used manually.
Use ``PROXY_AUTH_HEADER`` (default: 'X-Auth-Email') to customize which HTTP header the email address of the user to authenticate as should be and ``PROXY_AUTH_CREATE`` (default: False) to control whether non-existing accounts should be auto-created. Please note that Mailu doesn't currently support creating new users for non-existing domains; you do need to create all the domains that may be used manually.
Once configured, any request to /sso/proxy will be redirected to the webmail and /sso/proxy/admin to the admin panel. Please check issue `1972` for more details.
Once configured, any request to /sso/login with the correct headers will be authenticated unless the "noproxyauth" parameter is passed, in which case the "standard" login form will be displayed. Please check issues `1972`_ and `2692`_ for more details.
Requests to:
- "/sso/login" results the user being redirected to the web administration interface after authentication.
- "/admin" (``WEB_ADMIN=/admin``) results the user being redirected to the web administration interface after authentication.
- "/webmail" (``WEB_WEBMAIL=/webmail``) results the user being redirected to the web administration interface after authentication.
Use ``PROXY_AUTH_LOGOUT_URL`` (default: unset) to redirect users to a specific URL after they have been logged out.