From 6941b73168e334b248fbecdd1ec32e623fd0d1b9 Mon Sep 17 00:00:00 2001
From: jamesbloomer <github2@thebloomers.co.uk>
Date: Sun, 22 Sep 2013 22:31:21 +0100
Subject: [PATCH] Fix admin redirect issue

closes #850
- the aliases for the ghost admin link were causing redirects of the
form /ghost//admin etc.
- simplest solution is to split the route into two with the first one
just redirecting and the second doing the auth
---
 core/server.js | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/core/server.js b/core/server.js
index f204436b9c..25b4c3f4fe 100644
--- a/core/server.js
+++ b/core/server.js
@@ -339,7 +339,11 @@ when.all([ghost.init(), helpers.loadCoreHelpers(ghost)]).then(function () {
     server.get('/ghost/debug/db/reset/', auth, admin.debug.reset);
     // We don't want to register bodyParser globally b/c of security concerns, so use multipart only here
     server.post('/ghost/upload/', admin.uploader);
-    server.get(/^\/(ghost$|(ghost-admin|admin|wp-admin|dashboard|signin)\/?)/, auth, function (req, res) {
+    // redirect to /ghost and let that do the authentication to prevent redirects to /ghost//admin etc.
+    server.get(/^\/((ghost-admin|admin|wp-admin|dashboard|signin)\/?)/, function (req, res) {
+        res.redirect('/ghost/');
+    });
+    server.get(/^\/(ghost$\/?)/, auth, function (req, res) {
         res.redirect('/ghost/');
     });
     server.get('/ghost/', redirectToSignup, auth, admin.index);