zzstoatzz.io / status
slack status without the slack status.zzstoatzz.io/
quickslice
fork atom

Fix redirect loop - remove automatic redirect

The automatic redirect was causing an infinite loop when accessing
auth.zzstoatzz.com/login. Now both domains serve the login page
directly without redirecting.

The OAuth flow will still use auth.zzstoatzz.com for the actual
authentication because that's configured in OAUTH_REDIRECT_BASE.

zzstoatzz.io 5ca5c1df e50e1e71

options
unified split
Changed files
+6 -10
src
api
auth.rs
+6 -10
src/api/auth.rs
··· 143 143 144 144 /// Takes you to the login page 145 145 #[get("/login")] 146 - pub async fn login(config: web::Data<config::Config>) -> Result<HttpResponse> { 147 - // If we're using a separate auth domain, redirect to it 148 - if config.uses_separate_auth_domain() { 149 - let redirect_url = format!("{}/login", config.oauth_redirect_base); 150 - return Ok(HttpResponse::Found() 151 - .append_header(("Location", redirect_url)) 152 - .finish()); 153 - } 154 - 146 + pub async fn login() -> Result<impl Responder> { 147 + // Don't redirect - just serve the login page 148 + // The OAuth will use the correct redirect URL from config 155 149 let html = LoginTemplate { 156 150 title: "Log in", 157 151 error: None, 158 152 }; 159 - Ok(HttpResponse::Ok().body(html.render().expect("template should be valid"))) 153 + Ok(web::Html::new( 154 + html.render().expect("template should be valid"), 155 + )) 160 156 } 161 157 162 158 /// Logs you out by destroying your cookie on the server and web browser