Page redirect loop issue

#1

I am trying to create a reset password page and tried to open the reset page upon clicking the “Forgot password?” link but the issue is that it keeps going on loop until the browser will display “ERR_TOO_MANY_REDIRECTS” or mypage.local redirected you too many times.

What I did is add some small changes to the AuthMiddleware.php so it would redirect to ‘reset.page’ when “Forgot password?” is clicked.

public function __invoke($request, $response, $next)
{

    if (!$this->container->auth->checkSession()) {
        $this->container->flash->addMessage('error', 'Your session has expired.');

        return $response->withRedirect($this->container->router->pathFor('login.page'));
    }

    $getPath = $request->getUri()->getPath();

    if (!$this->container->auth->check() && strpos($getPath,'reset')) {

        return $response->withRedirect($this->container->router->pathFor('reset.page', [], [
            'callback' => $request->getUri()->getPath()
        ]));
    }

    if (!$this->container->auth->check() ) {
        $this->container->flash->addMessage('error', 'Please login first');

        return $response->withRedirect($this->container->router->pathFor('login.page', [], [
            'callback' => $request->getUri()->getPath()
        ]));
    }
    
    $response = $next($request, $response);
    return $response;
}

image

#2

We might need to see how your routes are setup and which middleware are applied to the route. I’m guessing, but it sounds like your forgot password route may have the Auth middleware applied which would cause the redirect loop.

#3


The last 2 lines are the paths for “reset.page”

I’d like to apologize for the image since I’m replying this through phone. (Our internet broke).

The issue is that when I comment this code.

`if (!$this->container->auth->check() && strpos($getPath,'reset')) {

        return $response->withRedirect($this->container->router->pathFor('reset.page', [], [
            'callback' => $request->getUri()->getPath()
        ]));
    }`

There will be a prompt that I need to log in first. Which I dont have to. So this code is really needed.