Adding endpoint to fetch current user's profile.

Also redirecting the browser to this user profile endpoint on username password login success. This ensures that the client fetches the profile along with setting the session ID cookie in the browser

app/server/appsmith-server/src/main/java/com/appsmith/server/controllers/UserController.java

@@ -4,9 +4,12 @@ import com.appsmith.server.constants.Url;
 import com.appsmith.server.domains.User;
 import com.appsmith.server.dtos.ResetUserPasswordDTO;
 import com.appsmith.server.dtos.ResponseDTO;
+import com.appsmith.server.services.SessionUserService;
 import com.appsmith.server.services.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PutMapping;
@@ -20,9 +23,13 @@ import reactor.core.publisher.Mono;
 @RequestMapping(Url.USER_URL)
 public class UserController extends BaseController<UserService, User, String> {
 
+    private final SessionUserService sessionUserService;
+
     @Autowired
-    public UserController(UserService service) {
+    public UserController(UserService service,
+                          SessionUserService sessionUserService) {
         super(service);
+        this.sessionUserService = sessionUserService;
     }
 
     @PutMapping("/switchOrganization/{orgId}")
@@ -54,4 +61,10 @@ public class UserController extends BaseController<UserService, User, String> {
         return service.resetPasswordAfterForgotPassword(userPasswordDTO.getToken(), userPasswordDTO.getUser())
                 .map(result -> new ResponseDTO<>(HttpStatus.OK.value(), result, null));
     }
+
+    @GetMapping("/me")
+    public Mono<ResponseDTO<User>> getUserProfile() {
+        return sessionUserService.getCurrentUser()
+                .map(user -> new ResponseDTO<>(HttpStatus.OK.value(), user, null));
+    }
 }

app/server/appsmith-server/src/main/java/com/appsmith/server/filters/FormAuthenticationSuccessHandler.java

@@ -1,5 +1,6 @@
 package com.appsmith.server.filters;
 
+import com.appsmith.server.constants.Url;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.Authentication;
@@ -20,20 +21,22 @@ public class FormAuthenticationSuccessHandler implements ServerAuthenticationSuc
 
     private ServerRedirectStrategy redirectStrategy = new DefaultServerRedirectStrategy();
 
+    /**
+     * On authentication success, we send a redirect to the endpoint that serve's the user's profile.
+     * The client browser will follow this redirect and fetch the user's profile JSON from the server.
+     * In the process, the client browser will also set the session ID in the cookie against the server's API domain.
+     *
+     * @param webFilterExchange
+     * @param authentication
+     * @return
+     */
     @Override
     public Mono<Void> onAuthenticationSuccess(WebFilterExchange webFilterExchange,
                                               Authentication authentication) {
         log.debug("Login succeeded for user: {}", authentication.getPrincipal());
         ServerWebExchange exchange = webFilterExchange.getExchange();
 
-        // On authentication success, we send a redirect to the client's home page. This ensures that the session
-        // is set in the cookie on the browser.
-        String originHeader = exchange.getRequest().getHeaders().getOrigin();
-        if(originHeader == null || originHeader.isEmpty()) {
-            originHeader = "/";
-        }
-
-        URI defaultRedirectLocation = URI.create(originHeader);
+        URI defaultRedirectLocation = URI.create(Url.USER_URL + "/me");
         return this.redirectStrategy.sendRedirect(exchange, defaultRedirectLocation);
     }