From d9f621c9226d1a087774362501e9ceced2098581 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Mon, 10 May 2021 12:29:51 +1000
Subject: [PATCH 1/3] Login redirect fix

---
 InvenTree/InvenTree/middleware.py | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/InvenTree/InvenTree/middleware.py b/InvenTree/InvenTree/middleware.py
index f30d77ad3b..1f9aa23513 100644
--- a/InvenTree/InvenTree/middleware.py
+++ b/InvenTree/InvenTree/middleware.py
@@ -78,8 +78,16 @@ class AuthRequiredMiddleware(object):
                     return HttpResponseRedirect(reverse_lazy('login'))
 
                 login = reverse_lazy('login')
+                logout = reverse_lazy('logout')
 
-                if not request.path_info == login and not request.path_info.startswith('/api/'):
+                path = request.path_info
+
+                urls = [
+                    login,
+                    logout,
+                ]
+
+                if path not in urls and not path.startswith('/api/') and '/admin/logout/' not in path:
                     # Save the 'next' parameter to pass through to the login view
 
                     return redirect('%s?next=%s' % (login, request.path))

From be31154a444d92496bb5c9b7502aaf53c4513959 Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Mon, 10 May 2021 12:33:49 +1000
Subject: [PATCH 2/3] Cleaner implementation

---
 InvenTree/InvenTree/middleware.py | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/InvenTree/InvenTree/middleware.py b/InvenTree/InvenTree/middleware.py
index 1f9aa23513..32ecd33b86 100644
--- a/InvenTree/InvenTree/middleware.py
+++ b/InvenTree/InvenTree/middleware.py
@@ -77,17 +77,17 @@ class AuthRequiredMiddleware(object):
                 if request.path_info == reverse_lazy('logout'):
                     return HttpResponseRedirect(reverse_lazy('login'))
 
-                login = reverse_lazy('login')
-                logout = reverse_lazy('logout')
-
                 path = request.path_info
 
+                # List of URL endpoints we *do not* want to redirect to
                 urls = [
-                    login,
-                    logout,
+                    reverse_lazy('login'),
+                    reverse_lazy('logout'),
+                    reverse_lazy('admin:login'),
+                    reverse_lazy('admin:logout'),
                 ]
 
-                if path not in urls and not path.startswith('/api/') and '/admin/logout/' not in path:
+                if path not in urls and not path.startswith('/api/'):
                     # Save the 'next' parameter to pass through to the login view
 
                     return redirect('%s?next=%s' % (login, request.path))

From 7e55e343e2cb0d90fb392abaa6e837984b357d4a Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Mon, 10 May 2021 12:35:19 +1000
Subject: [PATCH 3/3] PEP fix

---
 InvenTree/InvenTree/middleware.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/InvenTree/InvenTree/middleware.py b/InvenTree/InvenTree/middleware.py
index 32ecd33b86..b905e86795 100644
--- a/InvenTree/InvenTree/middleware.py
+++ b/InvenTree/InvenTree/middleware.py
@@ -90,7 +90,7 @@ class AuthRequiredMiddleware(object):
                 if path not in urls and not path.startswith('/api/'):
                     # Save the 'next' parameter to pass through to the login view
 
-                    return redirect('%s?next=%s' % (login, request.path))
+                    return redirect('%s?next=%s' % (reverse_lazy('login'), request.path))
 
         # Code to be executed for each request/response after
         # the view is called.