Taking control of your Drupal site's login destination

The default Drupal login system is pretty basic: users are taken back to the page they logged in from unless they logged in at http://www.example.com/user. In that case, they're taken to their user profile.  But what if you wanted a user to be redirected upon login to an internal landing page that contained news and information for privileged users? How about giving the user a login prompt when they hit an access denied (403) page? And redirect them to the page they were trying to access prior to login? I'll show you how to do just that using a mix of modules and a few lines of PHP to make it work as expected.

For this how-to, I'm using the login page that can be found at http://www.example.com/user. If you're using a block-based login form, you might have a different result. Before we start, download the Login Destination and Redirect 403 to User Login modules. Upload both modules to your site and enable them.

Enabling Redirect 403 to User Login is all it takes to setup this module. If you want, you can go to admin/settings/r4032login and change the access denied message. And that's it. That's all it takes to give users a login box on any 403 page.

Now go to admin/user/login_destination to configure the login destination page. Your first instinct, if you're wanting to preserve the user's original destination prior to login, would be to check the 'Preserve destination' box. Don't do it. With the current release of Login Destination (6.x-2.3 at the time of writing), it doesn't function as you'd expect. In my experience, my redirect on login worked when 'Preserve destination' wasn't checked but, once I enabled it, the redirect to the landing page wouldn't work.

Select the option "PHP snippet" in the URL destination box and paste the following code in the textarea below. Be sure to switch out DESTINATION with your URL. If you want to redirect to "http://www.example.com/internal-home", for example, you would put internal-home in place of DESTINATION.

       return $_GET['destination'];
} else {
       return 'DESTINATION';

In short, this code checks to see if a destination is appended to the URL. If no destination is set, it goes to your default destination. If it is, it takes the user's destination and redirects them there.

Set the radio in "Redirection condition settings" to "Always" and save the configuration. You should now have a site that takes users to the internal home page when logging in from the login form, provides them with the login form when encountering 403 pages, and redirects them to the page they tried to access prior to logging in.

More from the Author

Sean Corrales

Lead Web Developer