From c517d4690acc5494e16a737dd582aa12559d80c3 Mon Sep 17 00:00:00 2001
From: Jens L <jens@goauthentik.io>
Date: Sun, 30 Jun 2024 06:13:40 +0900
Subject: [PATCH] stages/user_login: fix ?next parameter not carried through
 broken session binding (#10301)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 authentik/stages/user_login/middleware.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/authentik/stages/user_login/middleware.py b/authentik/stages/user_login/middleware.py
index b1a639255bfe..3ecbbbc431f6 100644
--- a/authentik/stages/user_login/middleware.py
+++ b/authentik/stages/user_login/middleware.py
@@ -1,10 +1,9 @@
 """Sessions bound to ASN/Network and GeoIP/Continent/etc"""
 
-from django.conf import settings
 from django.contrib.auth.middleware import AuthenticationMiddleware
 from django.contrib.auth.signals import user_logged_out
+from django.contrib.auth.views import redirect_to_login
 from django.http.request import HttpRequest
-from django.shortcuts import redirect
 from structlog.stdlib import get_logger
 
 from authentik.core.models import AuthenticatedSession
@@ -87,7 +86,7 @@ def process_request(self, request: HttpRequest):
             AuthenticationMiddleware(lambda request: request).process_request(request)
             logout_extra(request, exc)
             request.session.clear()
-            return redirect(settings.LOGIN_URL)
+            return redirect_to_login(request.get_full_path())
         return None
 
     def recheck_session(self, request: HttpRequest):