From 5df4556e9c5994e5552458b845ff076a4da4578c Mon Sep 17 00:00:00 2001
From: Shane Kilkelly
Date: Wed, 15 Nov 2017 13:30:40 +0000
Subject: [PATCH] Set redirect when bouncing away from token route
This ensures that when the user logs in they will be redirected back to this token, the page they wanted to access in the first place.
---
 .../Features/TokenAccess/TokenAccessController.coffee | 1 +
 .../coffee/TokenAccess/TokenAccessControllerTests.coffee | 7 +++++++
 2 files changed, 8 insertions(+)
diff --git a/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee b/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee
index 4b88e1914b..b6b65cc7a7 100644
--- a/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee
+++ b/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee
@@ -52,6 +52,7 @@ module.exports = TokenAccessController =
 else logger.log {token, projectId: project._id}, "[TokenAccess] deny anonymous read-and-write token access" + AuthenticationController._setRedirectInSession(req) return res.redirect('/restricted') if project.owner_ref.toString() == userId logger.log {userId, projectId: project._id},
diff --git a/services/web/test/UnitTests/coffee/TokenAccess/TokenAccessControllerTests.coffee b/services/web/test/UnitTests/coffee/TokenAccess/TokenAccessControllerTests.coffee
index 9695f5f428..747822b896 100644
--- a/services/web/test/UnitTests/coffee/TokenAccess/TokenAccessControllerTests.coffee
+++ b/services/web/test/UnitTests/coffee/TokenAccess/TokenAccessControllerTests.coffee
@@ -48,6 +48,7 @@ describe "TokenAccessController", ->
 @TokenAccessHandler.addReadAndWriteUserToProject = sinon.stub() .callsArgWith(2, null) @ProjectController.loadEditor = sinon.stub() + @AuthenticationController._setRedirectInSession = sinon.stub() @TokenAccessController.readAndWriteToken @req, @res, @next it 'should try to find a project with this token', (done) ->
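Review bot: The new `AuthenticationController._setRedirectInSession(req)` call in the anonymous read-and-write deny branch passes no explicit target, so what ends up in the session is decided entirely by a helper whose body is outside this diff. Going by the commit message, the stored value is presumably the token URL itself, so it is worth confirming that the helper keeps only a same-origin relative path from the request (never a host or scheme taken from client-controlled headers) and that the login flow clears the value after using it. The call also reaches into an underscore-prefixed method of another module; a comment such as `# remember the token URL so login returns here` would mark that dependency as deliberate. The enclosing handler starts and ends outside the hunk.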
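Review bot: The stub added to this setup is never asserted on in the visible lines, so nothing pins that the redirect is left unset when the token is accepted. This looks like the granted-access setup (`addReadAndWriteUserToProject` succeeds and `loadEditor` is stubbed), and if so a negative case would help, for example `expect(@AuthenticationController._setRedirectInSession.callCount).to.equal 0` in a new `it` of this block. Without it, a later refactor could start storing token URLs in the session on every request and no test would fail. The describe block continues outside the hunk.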
@@ -159,6 +160,7 @@ describe "TokenAccessController", ->
 .callsArgWith(2, null) @ProjectController.loadEditor = sinon.stub() @TokenAccessHandler.grantSessionTokenAccess = sinon.stub() + @AuthenticationController._setRedirectInSession = sinon.stub() @TokenAccessController.readAndWriteToken @req, @res, @next it 'should not add the user to the project with read-write access', (done) ->
@@ -176,6 +178,11 @@ describe "TokenAccessController", ->
 expect(@ProjectController.loadEditor.calledWith(@req, @res, @next)).to.equal false done() + it 'should set redirect in session', (done) -> + expect(@AuthenticationController._setRedirectInSession.callCount).to.equal 1 + expect(@AuthenticationController._setRedirectInSession.calledWith(@req)).to.equal true + done() + it 'should redirect to restricted page', (done) -> expect(@res.redirect.callCount).to.equal 1 expect(@res.redirect.calledWith('/restricted')).to.equal true
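Review bot: The new 'should set redirect in session' test checks the call count and argument but not that the session is written before the response is sent. If the session is persisted when the response ends, a call placed after `res.redirect` would still pass this test while losing the redirect target. Since both are sinon stubs, one more line in the same test would pin the order: `expect(@AuthenticationController._setRedirectInSession.calledBefore(@res.redirect)).to.equal true`.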