cleanup register

apps/login/src/app/(login)/register/page.tsx

@@ -1,5 +1,5 @@
 import { DynamicTheme } from "@/components/dynamic-theme";
-import { RegisterFormWithoutPassword } from "@/components/register-form-without-password";
+import { RegisterForm } from "@/components/register-form";
 import {
   getBrandingSettings,
   getDefaultOrg,
@@ -28,8 +28,6 @@ export default async function Page({
     }
   }
 
-  const setPassword = !!(firstname && lastname && email);
-
   const legal = await getLegalAndSupportSettings(organization);
   const passwordComplexitySettings =
     await getPasswordComplexitySettings(organization);
@@ -54,7 +52,7 @@ export default async function Page({
         <p className="ztdl-p">{t("description")}</p>
 
         {legal && passwordComplexitySettings && (
-          <RegisterFormWithoutPassword
+          <RegisterForm
             legal={legal}
             organization={organization}
             firstname={firstname}
@@ -62,7 +60,7 @@ export default async function Page({
             email={email}
             authRequestId={authRequestId}
             loginSettings={loginSettings}
-          ></RegisterFormWithoutPassword>
+          ></RegisterForm>
         )}
       </div>
     </DynamicTheme>

apps/login/src/components/password-form.tsx

@@ -73,10 +73,6 @@ export function PasswordForm({
       setError(response.error);
       return;
     }
-
-    if (response && response.nextStep) {
-      return router.push(response.nextStep);
-    }
   }
 
   async function resetPasswordAndContinue() {

apps/login/src/components/register-form.tsx

@@ -39,7 +39,7 @@ type Props = {
   loginSettings?: LoginSettings;
 };
 
-export function RegisterFormWithoutPassword({
+export function RegisterForm({
   legal,
   email,
   firstname,
@@ -104,6 +104,7 @@ export function RegisterFormWithoutPassword({
       registerParams.authRequestId = authRequestId;
     }
 
+    // redirect user to /register/password if password is chosen
     if (withPassword) {
       return router.push(
         `/register/password?` + new URLSearchParams(registerParams),
@@ -116,7 +117,7 @@ export function RegisterFormWithoutPassword({
   const { errors } = formState;
 
   const [tosAndPolicyAccepted, setTosAndPolicyAccepted] = useState(false);
-
+  console.log(loginSettings);
   return (
     <form className="w-full">
       <div className="grid grid-cols-2 gap-4 mb-4">
@@ -188,8 +189,9 @@ export function RegisterFormWithoutPassword({
             const usePasswordToContinue: boolean =
               loginSettings?.allowUsernamePassword &&
               loginSettings?.passkeysType === PasskeysType.ALLOWED
-                ? !!!(selected.name === methods[0].name)
-                : !!loginSettings?.allowUsernamePassword;
+                ? !!!(selected.name === methods[0].name) // choose selection if both available
+                : !!loginSettings?.allowUsernamePassword; // if password is chosen
+            // set password as default if only password is allowed
             return submitAndContinue(values, usePasswordToContinue);
           })}
           data-testid="submit-button"

apps/login/src/lib/server/password.ts

@@ -5,6 +5,7 @@ import {
   setSessionAndUpdateCookie,
 } from "@/lib/server/cookie";
 import {
+  getLoginSettings,
   getUserByID,
   listAuthenticationMethodTypes,
   listUsers,
@@ -20,6 +21,7 @@ import { User, UserState } from "@zitadel/proto/zitadel/user/v2/user_pb";
 import { AuthenticationMethodType } from "@zitadel/proto/zitadel/user/v2/user_service_pb";
 import { headers } from "next/headers";
 import { redirect } from "next/navigation";
+import { getNextUrl } from "../client";
 import { getSessionCookieByLoginName } from "../cookies";
 
 type ResetPasswordCommand = {
@@ -240,42 +242,34 @@ export async function sendPassword(command: UpdateSessionCommand) {
   //   return router.push(`/passkey/set?` + params);
   // }
   else if (command.authRequestId && session.id) {
-    const params = new URLSearchParams({
-      sessionId: session.id,
-      authRequest: command.authRequestId,
-    });
-
-    if (command.organization || session.factors?.user?.organizationId) {
-      params.append(
-        "organization",
-        command.organization ?? session.factors?.user?.organizationId,
-      );
-    }
-
-    return { nextStep: `/login?${params}` };
-  }
-
-  // without OIDC flow
-  const params = new URLSearchParams(
-    command.authRequestId
-      ? {
-          loginName: session.factors.user.loginName,
-          authRequestId: command.authRequestId,
-          organization: session.factors.user.organizationId,
-        }
-      : {
-          loginName: session.factors.user.loginName,
-        },
-  );
-
-  if (command.organization || session.factors?.user?.organizationId) {
-    params.append(
-      "organization",
+    const loginSettings = await getLoginSettings(
       command.organization ?? session.factors?.user?.organizationId,
     );
+    const nextUrl = await getNextUrl(
+      {
+        sessionId: session.id,
+        authRequestId: command.authRequestId,
+        organization:
+          command.organization ?? session.factors?.user?.organizationId,
+      },
+      loginSettings?.defaultRedirectUri,
+    );
+
+    return redirect(nextUrl);
   }
 
-  return { nextStep: `/signedin?${params}` };
+  const loginSettings = await getLoginSettings(
+    command.organization ?? session.factors?.user?.organizationId,
+  );
+  const url = await getNextUrl(
+    {
+      loginName: session.factors.user.loginName,
+      organization: session.factors?.user?.organizationId,
+    },
+    loginSettings?.defaultRedirectUri,
+  );
+
+  return redirect(url);
 }
 
 export async function changePassword(command: {