From e0f8fd8ef2d5bc6a05bd25c3ca18be314173f368 Mon Sep 17 00:00:00 2001
From: Lanre Adelowo <yo@lanre.wtf>
Date: Mon, 23 Jul 2018 15:45:39 +0100
Subject: [PATCH] support redirecting to location the user actually want to go
 to before being forced to change his/her password

---
 modules/context/auth.go | 1 +
 routers/user/auth.go    | 7 +++++++
 2 files changed, 8 insertions(+)

diff --git a/modules/context/auth.go b/modules/context/auth.go
index f6685ebc6..110122cb6 100644
--- a/modules/context/auth.go
+++ b/modules/context/auth.go
@@ -52,6 +52,7 @@ func Toggle(options *ToggleOptions) macaron.Handler {
 			if ctx.User.MustChangePassword {
 				ctx.Data["Title"] = ctx.Tr("auth.must_change_password")
 				ctx.Data["ChangePasscodeLink"] = setting.AppSubURL + "/user/change_password"
+				ctx.SetCookie("redirect_to", url.QueryEscape(setting.AppSubURL+ctx.Req.RequestURI), 0, setting.AppSubURL)
 				ctx.Redirect(setting.AppSubURL + "/user/settings/change_password")
 				return
 			}
diff --git a/routers/user/auth.go b/routers/user/auth.go
index ab8112e74..4feee9cc5 100644
--- a/routers/user/auth.go
+++ b/routers/user/auth.go
@@ -1247,5 +1247,12 @@ func MustChangePasswordPost(ctx *context.Context, cpt *captcha.Captcha, form aut
 	ctx.Flash.Success(ctx.Tr("settings.change_password_success"))
 
 	log.Trace("User updated password: %s", u.Name)
+
+	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 && !util.IsExternalURL(redirectTo) {
+		ctx.SetCookie("redirect_to", "", -1, setting.AppSubURL)
+		ctx.RedirectToFirst(redirectTo)
+		return
+	}
+
 	ctx.Redirect(setting.AppSubURL + "/")
 }