Unable to login after upgrade to 1.15

@baris sorry for the late reply I'm based in Europe.
Thank you very much, it's working great now.

@baris yes if I cold load it redirect me as expected, and yes I'm doing a rebuild every time I change something

@baris

@baris if you want to make it easier we can make a quick call on jitsi or discord

@baris same behavior so far, not redirecting

@baris thank you

@baris /auth/pycom-sso

@baris said in Unable to login after upgrade to 1.15:

if (!data.allowLocalLogin && !data.allowRegistration && data.alternate_logins && data.authentication.length === 1) {
const url = data.authentication[0].url;
const redirectUrl = url.startsWith('http://') || url.startsWith('https://') ?
url : nconf.get('relative_path') + url;
return res.redirect(307, encodeURI(redirectUrl));
}

no I'm stuck with an infinite spinner

@baris @PitaJ we are still experiencing issues. it seems that the bug you have fixed was here since a long time.

We are using 1.13.2 in production and the redirection to our sso service is working great (even if the bug you have fixed in 1.15.4 is in it)

1.13.2

Here you can also see that X-Redirect was already broken

1.15.4

But in 1.15.4 running locally we are not redirected to it unless we reload the page.

Note

In 1.13.2 it's calling /auth/pycom-sso
and in 1.15.4 it's calling **/api/**auth/pycom-sso

I'm investigating more on this.
Thank you

@baris Perfect thank you it has fixed this issues.

@PitaJ @mooreds
We are upgrading to 1.15.3 also and we are also experiencing the "%5Bobject%20Object%5D" issue.

We are using this plugin for login "nodebb-plugin-jwt-oauth2".

It seems that we are getting this here:

helpers.redirect = function (res, url, permanent) {
	if (res.locals.isAPI) {
		res.set('X-Redirect', encodeURI(url)).status(200).json(encodeURI(url));
	} else {
		const redirectUrl = url.startsWith('http://') || url.startsWith('https://') ?
			url : relative_path + url;
		res.redirect(permanent ? 308 : 307, encodeURI(redirectUrl));
	}
};

it's trying to encode this: { external: /path }

which is called from here:

if (!data.allowLocalLogin && !data.allowRegistration && data.alternate_logins && data.authentication.length === 1) {
    if (res.locals.isAPI) {
        return helpers.redirect(res, {
	    external: nconf.get('relative_path') + data.authentication[0].url,
        });
    }
return res.redirect(nconf.get('relative_path') + data.authentication[0].url);
}

We are experiencing this only if you have at least disabled local registration or local login for registered user

It results in blocking the "Alternate Login" button from login page

edit: spelling