From 10529a597c3292ff8ecc8e51692433240ebe2b9d Mon Sep 17 00:00:00 2001
From: Lorenzo Moscati <lorenzo@moscati.page>
Date: Tue, 14 Oct 2025 15:59:28 +0200
Subject: [PATCH] Added suggested changes

Signed-off-by: Lorenzo Moscati <lorenzo@moscati.page>
---
 php/public/base_path.js                |  8 ++++++--
 php/src/Controller/LoginController.php |  2 +-
 php/src/Middleware/AuthMiddleware.php  | 17 +++++++++++++----
 3 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/php/public/base_path.js b/php/public/base_path.js
index 67c1a4a7..a55ed943 100644
--- a/php/public/base_path.js
+++ b/php/public/base_path.js
@@ -1,3 +1,7 @@
-document.addEventListener("DOMContentLoaded", function(event) {
-    document.getElementById("base_path") && (document.getElementById("base_path").value = window.location.pathname.slice(0, -11));
+document.addEventListener("DOMContentLoaded", function() {
+    basePath = document.getElementById("base_path")
+    if (basePath) {
+        // Remove '/containers' from the end of the path, to get the base path only
+        basePath.value = window.location.pathname.slice(0, -11);
+    }
 });
\ No newline at end of file
diff --git a/php/src/Controller/LoginController.php b/php/src/Controller/LoginController.php
index 233a795e..412ff9df 100644
--- a/php/src/Controller/LoginController.php
+++ b/php/src/Controller/LoginController.php
@@ -45,7 +45,7 @@ readonly class LoginController {
     {
         $this->authManager->SetAuthState(false);
         return $response
-            ->withHeader('Location', '.')
+            ->withHeader('Location', '../..')
             ->withStatus(302);
     }
 }
diff --git a/php/src/Middleware/AuthMiddleware.php b/php/src/Middleware/AuthMiddleware.php
index a54f47a6..724f1776 100644
--- a/php/src/Middleware/AuthMiddleware.php
+++ b/php/src/Middleware/AuthMiddleware.php
@@ -27,14 +27,23 @@ readonly class AuthMiddleware {
         if(!in_array($request->getUri()->getPath(), $publicRoutes)) {
             if(!$this->authManager->IsAuthenticated()) {
                 $status = 302;
-                if(count(explode('/', $request->getUri()->getPath())) > 2) {
+
+                // Check the url of the request: split the string by '/' and count the number of elements
+                // Note that the path that gets to this middleware is not aware of any base path managed by a reverse proxy, so if the url is 'https://example.com/AIO/somepage', the path will be 'https://mastercontainer/somepage'
+                if (count(explode('/', $request->getUri()->getPath())) < 2) {
+                    // If there are less than 2 elements it means we are somewhere in the root folder (no '/', so no subfolder), so we redirect to the same folder level to offload the redirection to the appropriate page to 'index.php' (specifically, once in the root level the login page will be loaded since we are not authenticated)
+                    $location = '.';
+                } else {
+                    // If there are 2 or more elements it means we are in a subfolder, so we need to go back to the root folder
+                    // In the best case we need to go back by 1 level only
                     $location = '..';
-                    for($i = 0; $i < count(explode('/', $request->getUri()->getPath())) - 3; $i++) {
+                    // In the worst case we need to go back by n levels, where n is the number of elements - 2 (the first element is not a folder, the second element is already accounted for by the initial '..')
+                    for ($i = 1; $i < count(explode('/', $request->getUri()->getPath())) - 2; $i++) {
+                        // For each extra level we need to go back by another level
                         $location = $location . '/..';
                     }
-                } else {
-                    $location = '.';
                 }
+
                 $headers = ['Location' => $location];
                 $response = new Response($status, $headers);
                 return $response;