From 8b07f314e894709183dcd1944359467c8a175295 Mon Sep 17 00:00:00 2001
From: Aevann <randomname42029@gmail.com>
Date: Sat, 8 Jul 2023 16:22:02 +0300
Subject: [PATCH] fix redirect getting wiped on login fail

---
 files/routes/login.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/files/routes/login.py b/files/routes/login.py
index 1c123db040..c91dc168d6 100644
--- a/files/routes/login.py
+++ b/files/routes/login.py
@@ -60,16 +60,18 @@ def login_post(v:Optional[User]):
 		except: abort(400, "Multiple usernames have this email attached;<br>Please specify the username you want to login to!")
 	else: account = get_user(username, graceful=True)
 
+	redir = request.values.get("redirect", "").strip().rstrip('?').lower()
+
 	if not account:
 		time.sleep(random.uniform(0, 2))
-		return render_template("login/login.html", failed=True), 401
+		return render_template("login/login.html", failed=True, redirect=redir), 401
 
 
 	if request.values.get("password"):
 		if not account.verifyPass(request.values.get("password")):
 			log_failed_admin_login_attempt(account, "password")
 			time.sleep(random.uniform(0, 2))
-			return render_template("login/login.html", failed=True), 401
+			return render_template("login/login.html", failed=True, redirect=redir), 401
 
 		if account.mfa_secret or session.get("GLOBAL"):
 			now = int(time.time())
@@ -102,6 +104,7 @@ def login_post(v:Optional[User]):
 								time=now,
 								hash=hash,
 								failed=True,
+								redirect=redir,
 								), 401
 	else:
 		abort(400)
@@ -109,7 +112,6 @@ def login_post(v:Optional[User]):
 	g.login_failed = False
 	on_login(account)
 
-	redir = request.values.get("redirect", "").strip().rstrip('?').lower()
 	if redir and is_site_url(redir) and redir not in NO_LOGIN_REDIRECT_URLS:
 		return redirect(redir)
 	return redirect('/')