Fixes #3283: Added `$checkAjax` to `yii\web\User::loginRequired()`

framework/CHANGELOG.md

@@ -118,6 +118,7 @@ Yii Framework 2 Change Log
 - Enh #3244: Allow logging complex data such as arrays and object via the log system (cebe)
 - Enh #3252: Added support for case insensitive matching using ILIKE to PostgreSQL QueryBuilder (cebe)
 - Enh #3280: Support dynamically attaching anonymous behaviors (qiangxue)
+- Enh #3283: Added `$checkAjax` to `yii\web\User::loginRequired()` (qiangxue)
 - Enh #3284: Added support for checking multiple ETags by `yii\filters\HttpCache` (qiangxue)
 - Enh #3298: Supported configuring `View::theme` using a class name (netyum, qiangxue)
 - Enh #3328: `BaseMailer` generates better text body from html body (armab)

framework/web/User.php

@@ -408,13 +408,15 @@ class User extends Component
      *
      * Note that when [[loginUrl]] is set, calling this method will NOT terminate the application execution.
      *
+     * @param boolean $checkAjax whether to check if the request is an AJAX request. When this is true and the request
+     * is an AJAX request, the current URL (for AJAX request) will NOT be set as the return URL.
      * @return Response the redirection response if [[loginUrl]] is set
      * @throws ForbiddenHttpException the "Access Denied" HTTP exception if [[loginUrl]] is not set
      */
-    public function loginRequired()
+    public function loginRequired($checkAjax = true)
     {
         $request = Yii::$app->getRequest();
-        if ($this->enableSession && !$request->getIsAjax()) {
+        if ($this->enableSession && (!$checkAjax || !$request->getIsAjax())) {
             $this->setReturnUrl($request->getUrl());
         }
         if ($this->loginUrl !== null) {