Set redirect when redirecting from restricted

services/web/app/coffee/Features/Authentication/AuthenticationController.coffee

@@ -189,10 +189,11 @@ module.exports = AuthenticationController =
 		Metrics.inc "user.login.failed"
 		callback()
 
-	_setRedirectInSession: (req) ->
-		target = if Object.keys(req.query) then "#{req.path}?#{querystring.stringify(req.query)}" else req.path
+	_setRedirectInSession: (req, value) ->
+		if !value?
+			value = if Object.keys(req.query) > 0 then "#{req.path}?#{querystring.stringify(req.query)}" else req.path
 		if req.session?
-			req.session.postLoginRedirect = target
+			req.session.postLoginRedirect = value
 
 	_getRedirectFromSession: (req) ->
 		return req?.session?.postLoginRedirect || null

services/web/app/coffee/Features/Authorization/AuthorizationMiddlewear.coffee

@@ -108,5 +108,5 @@ module.exports = AuthorizationMiddlewear =
 			logger.log {from: from}, "redirecting to login"
 			redirect_to = "/login"
 			if from?
-				redirect_to += "?redir=#{encodeURIComponent(from)}"
+				AuthenticationController._setRedirectInSession(req, from)
 			res.redirect redirect_to

services/web/test/UnitTests/coffee/Authentication/AuthenticationControllerTests.coffee

@@ -541,6 +541,10 @@ describe "AuthenticationController", ->
 			@AuthenticationController._setRedirectInSession(@req)
 			expect(@req.session.postLoginRedirect).to.equal "/somewhere?one=1"
 
+		it 'should set the supplied value', ->
+			@AuthenticationController._setRedirectInSession(@req, '/somewhere/specific')
+			expect(@req.session.postLoginRedirect).to.equal "/somewhere/specific"
+
 	describe '_getRedirectFromSession', ->
 		beforeEach ->
 			@req = {session: {postLoginRedirect: "/a?b=c"}}