Merge pull request #2252 from suraj-webkul/issue#2241

VikassWebkul214254 · web-flow · commit 3bda12bd9fb8 · 2025-06-30T11:33:32.000+05:30
Issue #2241 has been fixed.
diff --git a/packages/Webkul/Admin/src/Http/Controllers/User/SessionController.php b/packages/Webkul/Admin/src/Http/Controllers/User/SessionController.php
@@ -2,38 +2,38 @@
 
 namespace Webkul\Admin\Http\Controllers\User;
 
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Support\Collection;
+use Illuminate\View\View;
 use Webkul\Admin\Http\Controllers\Controller;
+use Webkul\Core\Menu\MenuItem;
 
 class SessionController extends Controller
 {
     /**
      * Show the form for creating a new resource.
-     *
-     * @return \Illuminate\View\View
      */
-    public function create()
+    public function create(): RedirectResponse|View
     {
         if (auth()->guard('user')->check()) {
             return redirect()->route('admin.dashboard.index');
-        } else {
-            if (strpos(url()->previous(), 'admin') !== false) {
-                $intendedUrl = url()->previous();
-            } else {
-                $intendedUrl = route('admin.dashboard.index');
-            }
+        }
 
-            session()->put('url.intended', $intendedUrl);
+        $previousUrl = url()->previous();
 
-            return view('admin::sessions.login');
-        }
+        $intendedUrl = str_contains($previousUrl, 'admin')
+            ? $previousUrl
+            : route('admin.dashboard.index');
+
+        session()->put('url.intended', $intendedUrl);
+
+        return view('admin::sessions.login');
     }
 
     /**
      * Store a newly created resource in storage.
-     *
-     * @return \Illuminate\Http\Response
      */
-    public function store()
+    public function store(): RedirectResponse
     {
         $this->validate(request(), [
             'email'    => 'required|email',
@@ -54,9 +54,11 @@ public function store()
             return redirect()->route('admin.session.create');
         }
 
-        if (! bouncer()->hasPermission('dashboard')) {
-            $availableNextMenu = menu()->getItems('admin')?->first();
+        $menus = menu()->getItems('admin');
 
+        $availableNextMenu = $menus?->first();
+
+        if (! bouncer()->hasPermission('dashboard')) {
             if (is_null($availableNextMenu)) {
                 session()->flash('error', trans('admin::app.users.not-permission'));
 
@@ -68,18 +70,48 @@ public function store()
             return redirect()->to($availableNextMenu->getUrl());
         }
 
-        return redirect()->intended(route('admin.dashboard.index'));
+        $hasAccessToIntendedUrl = $this->canAccessIntendedUrl($menus, redirect()->getIntendedUrl());
+
+        if ($hasAccessToIntendedUrl) {
+            return redirect()->intended(route('admin.dashboard.index'));
+        }
+
+        return redirect()->to($availableNextMenu->getUrl());
     }
 
     /**
      * Remove the specified resource from storage.
-     *
-     * @return \Illuminate\Http\Response
      */
-    public function destroy()
+    public function destroy(): RedirectResponse
     {
         auth()->guard('user')->logout();
 
         return redirect()->route('admin.session.create');
     }
+
+    /**
+     * Find menu item by URL.
+     */
+    protected function canAccessIntendedUrl(Collection $menus, ?string $url): ?MenuItem
+    {
+        if (is_null($url)) {
+            return null;
+        }
+
+        foreach ($menus as $menu) {
+            if ($menu->getUrl() === $url) {
+                return $menu;
+            }
+
+            if ($menu->haveChildren()) {
+                $found = $this->canAccessIntendedUrl($menu->getChildren(), $url);
+
+                if ($found) {
+                    return $found;
+                }
+            }
+        }
+
+        return null;
+    }
 }
