pkg/server: fix /demologin to properly redirect to home page

pkg/server/authentication.go

@@ -240,7 +240,7 @@ func (s *authenticationServer) demoLogin(w http.ResponseWriter, req *http.Reques
 
 	w.Header()["Set-Cookie"] = []string{cookie.String()}
 	w.Header()["Location"] = []string{"/"}
-	w.WriteHeader(302)
+	w.WriteHeader(http.StatusTemporaryRedirect)
 	_, _ = w.Write([]byte("you can use the UI now"))
 }
 

pkg/server/server_controller_http.go

@@ -153,6 +153,8 @@ func (c *serverController) attemptLoginToAllTenants() http.Handler {
 		}
 		defer r.Body.Close()
 
+		redirect := false
+		redirectLocation := "/" // default to home page
 		for _, name := range tenantNames {
 			server, err := c.getServer(ctx, name)
 			if err != nil {
@@ -185,6 +187,16 @@ func (c *serverController) attemptLoginToAllTenants() http.Handler {
 					name:      string(name),
 					setCookie: setCookieHeader,
 				})
+				// In the case of /demologin, we want to redirect to the provided location
+				// in the header. If we get back a cookie along with an
+				// http.StatusTemporaryRedirect code, be sure to transfer the response code
+				// along with the Location into the ResponseWriter later.
+				if sw.code == http.StatusTemporaryRedirect {
+					redirect = true
+					if locationHeader, ok := sw.Header()["Location"]; ok && len(locationHeader) > 0 {
+						redirectLocation = locationHeader[0]
+					}
+				}
 			}
 		}
 		// If the map has entries, the method to create the aggregated session should
@@ -217,7 +229,11 @@ func (c *serverController) attemptLoginToAllTenants() http.Handler {
 					return
 				}
 			}
-			w.WriteHeader(http.StatusOK)
+			if redirect {
+				http.Redirect(w, r, redirectLocation, http.StatusTemporaryRedirect)
+			} else {
+				w.WriteHeader(http.StatusOK)
+			}
 		} else {
 			w.WriteHeader(http.StatusUnauthorized)
 		}