There are cases when the original "next" got lost. I did not full track the cause of the problem. The code in Auth was a quick hack to handle it.
On Sep 17, 11:26 am, Jonathan Lundell <jlund...@pobox.com> wrote: > On Sep 17, 2011, at 8:46 AM, Massimo Di Pierro wrote: > > > > > > > > > > > The basic use case is this: > > User clicks on a link that requires_login and gets redirected to the > > login page. After login the user is redirected to the original > > requested page. > > Exceptions: > > - the login is outsourced to janrain > > - the login is outsourced to cas or other open-id > > - the login is not possible and the user must first register > > - after login is redirected to the intended page but the app logic > > finds this user has incomplete profile and redirects to profile > > editing (*) > > - what if the user is impersonating another user? (?) > > - the user is visiting a page that does not require login but LOADs a > > component that does (?) > > - the user is visiting a page that does not require login but IFRAMEs > > a component that does > > - the user has another window open (**) > > (*) is not currently supported. (?) not sure if it works (**) worked > > with _next but not not with session._auth_next. > > The old logic saves a next link in session in Auth(). What's that for?