fix: consider default path for Website User if applicable

frappe/apps.py

@@ -49,6 +49,12 @@ def is_desk_apps(apps):
 
 
 def get_default_path():
+	apps = get_apps()
+	_apps = [app for app in apps if app.get("name") != "frappe"]
+
+	if len(_apps) == 0:
+		return None
+
 	system_default_app = frappe.get_system_settings("default_app")
 	user_default_app = frappe.db.get_value("User", frappe.session.user, "default_app")
 	if system_default_app and not user_default_app:
@@ -56,8 +62,6 @@ def get_default_path():
 	elif user_default_app:
 		return get_route(user_default_app)
 
-	apps = get_apps()
-	_apps = [app for app in apps if app.get("name") != "frappe"]
 	if len(_apps) == 1:
 		return _apps[0].get("route") or "/apps"
 	elif is_desk_apps(_apps):

frappe/auth.py

@@ -179,12 +179,12 @@ class LoginManager:
 			frappe.local.cookie_manager.set_cookie("system_user", "no")
 			if not resume:
 				frappe.local.response["message"] = "No App"
-				frappe.local.response["home_page"] = "/" + get_home_page()
+				frappe.local.response["home_page"] = get_default_path() or "/" + get_home_page()
 		else:
 			frappe.local.cookie_manager.set_cookie("system_user", "yes")
 			if not resume:
 				frappe.local.response["message"] = "Logged In"
-				frappe.local.response["home_page"] = get_default_path() or "/apps"
+				frappe.local.response["home_page"] = get_default_path()
 
 		if not resume:
 			frappe.response["full_name"] = self.full_name

frappe/core/doctype/user/user.py

@@ -10,6 +10,7 @@ import frappe.defaults
 import frappe.permissions
 import frappe.share
 from frappe import STANDARD_USERS, _, msgprint, throw
+from frappe.apps import get_default_path
 from frappe.auth import MAX_PASSWORD_SIZE
 from frappe.core.doctype.user_type.user_type import user_linked_with_permission_on_doctype
 from frappe.desk.doctype.notification_settings.notification_settings import (
@@ -36,7 +37,7 @@ from frappe.utils.deprecations import deprecated, deprecation_warning
 from frappe.utils.password import check_password, get_password_reset_limit
 from frappe.utils.password import update_password as _update_password
 from frappe.utils.user import get_system_managers
-from frappe.website.utils import is_signup_disabled
+from frappe.website.utils import get_home_page, is_signup_disabled
 
 
 class User(Document):
@@ -866,9 +867,9 @@ def update_password(
 	frappe.db.set_value("User", user, "reset_password_key", "")
 
 	if user_doc.user_type == "System User":
-		return "/app"
+		return get_default_path()
 	else:
-		return redirect_url or "/"
+		return redirect_url or get_default_path() or get_home_page()
 
 
 @frappe.whitelist(allow_guest=True)

frappe/www/apps.py

@@ -7,18 +7,12 @@ from frappe.apps import get_apps
 
 
 def get_context():
-	if frappe.session.user == "Guest":
-		frappe.throw(_("You need to be logged in to access this page"), frappe.PermissionError)
-
-	if frappe.session.data.user_type == "Website User":
-		frappe.throw(_("You are not permitted to access this page."), frappe.PermissionError)
+	all_apps = get_apps()
 
 	system_default_app = frappe.get_system_settings("default_app")
 	user_default_app = frappe.db.get_value("User", frappe.session.user, "default_app")
 	default_app = user_default_app if user_default_app else system_default_app
 
-	all_apps = get_apps()
-
 	if len(all_apps) == 0:
 		frappe.local.flags.redirect_location = "/app"
 		raise frappe.Redirect

frappe/www/login.py

@@ -27,10 +27,9 @@ def get_context(context):
 
 	if frappe.session.user != "Guest":
 		if not redirect_to:
-			if frappe.session.data.user_type == "Website User":
+			redirect_to = get_default_path()
+			if frappe.session.data.user_type == "Website User" and not redirect_to:
 				redirect_to = get_home_page()
-			else:
-				redirect_to = get_default_path() or "/apps"
 
 		if redirect_to != "login":
 			frappe.local.flags.redirect_location = redirect_to