diff --git a/partials/landingpage/admin/dashboard.php b/partials/landingpage/admin/dashboard.php index 758836b..0eb1fc0 100644 --- a/partials/landingpage/admin/dashboard.php +++ b/partials/landingpage/admin/dashboard.php @@ -16,6 +16,9 @@ $debugRedirect = isset($_GET['debug_redirect']); diff --git a/partials/landingpage/admin/profile.php b/partials/landingpage/admin/profile.php index 9a2d6f9..8d15096 100644 --- a/partials/landingpage/admin/profile.php +++ b/partials/landingpage/admin/profile.php @@ -16,6 +16,9 @@ $debugRedirect = isset($_GET['debug_redirect']); diff --git a/partials/landingpage/admin/settings.php b/partials/landingpage/admin/settings.php index a7d2f77..05f7be5 100644 --- a/partials/landingpage/admin/settings.php +++ b/partials/landingpage/admin/settings.php @@ -16,6 +16,9 @@ $debugRedirect = isset($_GET['debug_redirect']); diff --git a/public/assets/js/api.js b/public/assets/js/api.js index c88f5ee..a6519c1 100644 --- a/public/assets/js/api.js +++ b/public/assets/js/api.js @@ -4,6 +4,10 @@ const API = (window.APP_API_BASE && window.APP_API_BASE.replace(/\/$/, '')) || (BASE ? `${BASE}/api.php` : 'api.php'); +const searchParams = new URLSearchParams(window.location.search || ''); +const disableAuthRedirect = + Boolean(window.DISABLE_AUTH_REDIRECT) || searchParams.has('debug_redirect'); + /** ---- intern: Hilfen ---- */ function withTs(url) { const sep = url.includes("?") ? "&" : "?"; @@ -30,7 +34,9 @@ async function apiFetch(url, init = {}) { ...init, }); if (res.status === 401) { - window.location.href = "/login.php"; + if (!disableAuthRedirect) { + window.location.href = "/login.php"; + } throw new Error("unauthorized"); } return res;