[Feature Request]: Allow the use of login URL query param that dictates route post login #2616

New Issue

OVERLORD · 2026-02-05T04:37:37+03:00

OVERLORD commented

2026-02-05 04:37:37 +03:00

Originally created by @cod3monk on GitHub (Jan 31, 2022).

Describe the feature you'd like

When a guest (not logged in user) requests a forbidden create-page action, offer the user to authenticate and continue with the page creation according to the original request.

Describe the benefits this feature would bring to BookStack users

Currently, the user is redirected to the main page and presented with an error message. The only reasonable way to proceed from here would be to login and reopen the original link, or to login and then manually navigate to the appropriate location in the wiki and click on create.

Additional context

I want to pass a create-page link to a large crowd (of mostly non-techs) that will allow them to quickly create a page within a certain book. Having to explain them where specifically they are supposed to create the page and that they will have to login first, makes this process more tedious for everyone.

Originally created by @cod3monk on GitHub (Jan 31, 2022). ### Describe the feature you'd like When a guest (not logged in user) requests a forbidden create-page action, offer the user to authenticate and continue with the page creation according to the original request. ### Describe the benefits this feature would bring to BookStack users Currently, the user is redirected to the main page and presented with an error message. The only reasonable way to proceed from here would be to login and reopen the original link, or to login and then manually navigate to the appropriate location in the wiki and click on create. ### Additional context I want to pass a create-page link to a large crowd (of mostly non-techs) that will allow them to quickly create a page within a certain book. Having to explain them where specifically they are supposed to create the page and that they will have to login first, makes this process more tedious for everyone.

OVERLORD added the 🔨 Feature Request label 2026-02-05 04:37:37 +03:00

OVERLORD commented

2026-02-05 04:37:40 +03:00

@ssddanbrown commented on GitHub (Feb 8, 2022):

Thank you for the request @cod3monk.

In terms of the exact implementation you have requested, I don't see this as something suitable for addition with BookStack.
Although we could redirect them to the login page, we don't have a way to know if they'd have permission after they logged in.
This could result in a permission error redirecting to the login page, only for the user to login and see they still don't have permission.

I understand your use-case though. I think it may work if we added something more generic to work for a wider set of potential use-cases, while being easier to implement/maintain. Would the following sound sufficient?:

Addition of a redirect parameter to he login URL.
On successful login, or if already logged in, the user would be redirected to the given redirect path.
The link you may share would look something like this:
- https://demo.bookstackapp.com/login?redirect=/books/dummy-content-book/create-page
We'd have to ensure only paths leading within the instance can be provided (So no full URLs, leading to other domains) to prevent any open redirects as a security concern.

@ssddanbrown commented on GitHub (Feb 8, 2022): Thank you for the request @cod3monk. In terms of the exact implementation you have requested, I don't see this as something suitable for addition with BookStack. Although we could redirect them to the login page, we don't have a way to know if they'd have permission after they logged in. This could result in a permission error redirecting to the login page, only for the user to login and see they still don't have permission. I understand your use-case though. I think it may work if we added something more generic to work for a wider set of potential use-cases, while being easier to implement/maintain. Would the following sound sufficient?: - Addition of a `redirect` parameter to he login URL. - On successful login, or if already logged in, the user would be redirected to the given `redirect` path. - The link you may share would look something like this: - `https://demo.bookstackapp.com/login?redirect=/books/dummy-content-book/create-page` - We'd have to ensure only paths leading within the instance can be provided (So no full URLs, leading to other domains) to prevent any open redirects as a security concern.

OVERLORD commented

2026-02-05 04:37:43 +03:00

@cod3monk commented on GitHub (Feb 8, 2022):

That would work for me.

@cod3monk commented on GitHub (Feb 8, 2022): That would work for me.

OVERLORD commented

2026-02-05 04:37:46 +03:00

@ssddanbrown commented on GitHub (Feb 8, 2022):

Awesome, Will re-focus the title of this issue.

@ssddanbrown commented on GitHub (Feb 8, 2022): Awesome, Will re-focus the title of this issue.

OVERLORD commented

2026-02-05 04:37:48 +03:00

@benz2012 commented on GitHub (May 18, 2022):

This feature would be awesome even just for page viewing (non-action based URLs).

We run into the issue a lot since the Bookstack session isn't tied to our own custom Company user session, and so "Logging into our company" doesn't carry over to Bookstack. And since most of our users "live" in Slack, most of them navigate to Bookstack through a link that takes them to a specific page -- but alas, they never make it to that page post-login.

Edit: Although it sounds like Dan Brown's solution would require us to update All Links we save to look like https://demo.bookstackapp.com/login?redirect=/... which would be be tedious and error-prone

Edit 2:

This could result in a permission error redirecting to the login page, only for the user to login and see they still don't have permission.

I think that's exactly how Link Redirect to LoginPage With Redirect is supposed to work and works on other platforms.

What makes you say that this is "[not] suitable for addition with BookStack"?

@benz2012 commented on GitHub (May 18, 2022): This feature would be awesome even just for page viewing (non-action based URLs). We run into the issue a lot since the Bookstack session isn't tied to our own custom Company user session, and so "Logging into our company" doesn't carry over to Bookstack. And since most of our users "live" in Slack, most of them navigate to Bookstack through a link that takes them to a specific page -- but alas, they never make it to that page post-login. Edit: Although it sounds like Dan Brown's solution would require us to update All Links we save to look like `https://demo.bookstackapp.com/login?redirect=/...` which would be be tedious and error-prone Edit 2: > This could result in a permission error redirecting to the login page, only for the user to login and see they still don't have permission. I think that's exactly how _Link Redirect to LoginPage With Redirect_ is supposed to work and works on other platforms. What makes you say that this is "[not] suitable for addition with BookStack"?

OVERLORD commented

2026-02-05 04:37:53 +03:00

@cod3monk commented on GitHub (Jul 4, 2024):

Any news on this? I came across this issue again, in a scenario where we would like to print out QR-codes with links to create-page URLs. Without login this leads to an 403 error, but no user friendly way to login and try again. After loggin in the original url is lost and needs to be rescanned.

@cod3monk commented on GitHub (Jul 4, 2024): Any news on this? I came across this issue again, in a scenario where we would like to print out QR-codes with links to create-page URLs. Without login this leads to an 403 error, but no user friendly way to login and try again. After loggin in the original url is lost and needs to be rescanned.

OVERLORD referenced this issue

2026-02-05 10:22:59 +03:00

[PR #2616] [MERGED] Fixed german formal translation #6028

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#2616