Azure-Samples / azure-search-openai-demo

A sample app for the Retrieval-Augmented Generation pattern running in Azure, using Azure AI Search for retrieval and Azure OpenAI large language models to power ChatGPT-style and Q&A experiences.
https://azure.microsoft.com/products/search
MIT License

Cookie-Based Token Cache for Authentication #1051

Closed mattgotteiner closed 7 months ago

mattgotteiner commented 8 months ago

Please provide us with the following information:

This issue is for a: (mark with an x)

- [ ] bug report -> please search issues before submitting
- [X] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)

Authentication should use a cookie-based token cache so restarting the server doesn't log all users out

mattgotteiner commented 7 months ago

I actually don't think this is the case - there's session-based storage in the app that actually does sign-on.

mattgotteiner commented 7 months ago
    from typing import Any


    class AuthenticationHelper:
        # Enclosing class and constructor are assumed here so the method runs; only the method was posted.
        def __init__(self, use_authentication: bool, require_access_control: bool, client_app_id: str, authority: str):
            self.use_authentication = use_authentication
            self.require_access_control = require_access_control
            self.client_app_id = client_app_id
            self.authority = authority

        def get_auth_setup_for_client(self) -> dict[str, Any]:
            # returns MSAL.js settings used by the client app
            return {
                "useLogin": self.use_authentication,  # Whether or not login elements are enabled on the UI
                "requireAccessControl": self.require_access_control,  # Whether or not access control is required to use the application
                "msalConfig": {
                    "auth": {
                        "clientId": self.client_app_id,  # Client app id used for login
                        "authority": self.authority,  # Directory to use for login https://learn.microsoft.com/azure/active-directory/develop/msal-client-application-configuration#authority
                        "redirectUri": "/redirect",  # Points to window.location.origin. You must register this URI on Azure Portal/App Registration.
                        "postLogoutRedirectUri": "/",  # Indicates the page to navigate after logout.
                        "navigateToLoginRequestUrl": False,  # If "true", will navigate back to the original request location before processing the auth code response.
                    },
                    "cache": {
                        # Configures cache location. "sessionStorage" is more secure, but "localStorage" gives you SSO between tabs.
                        "cacheLocation": "sessionStorage",
                        # Set this to True if you are having issues on IE11 or Edge
                        "storeAuthStateInCookie": False,
                    },
                },
            }

Since the frontend app uses sessionStorage, I think the in-memory cache for the backend app is just fine. The backend app doesn't actually manage any login state.
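The point made in the comment above (the browser holds the MSAL token cache, the backend keeps no per-user login state, so a backend restart cannot log anyone out) can be shown with a stateless bearer-token check. This is an added example, not code from the repository: the identity provider is stood in for by a constructed HS256 shared key, and the issuer, client app id and user are made-up constants so the block runs offline. Real Entra ID access tokens are RS256 and must be verified against the tenant's published JWKS, not a shared secret; the shape of the check (signature, issuer, audience, expiry, no server-side session) is the same.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Any, Optional


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


# Constructed stand-in for the identity provider so the example runs offline.
# Real Entra ID tokens are RS256 and are verified against the tenant JWKS.
IDP_SIGNING_KEY = b"example-shared-secret-not-for-production"
ISSUER = "https://login.microsoftonline.com/example-tenant/v2.0"  # assumed authority
CLIENT_APP_ID = "00000000-0000-0000-0000-000000000000"  # assumed client app id


def mint_token(subject: str, audience: str, lifetime_s: int, now: Optional[float] = None) -> str:
    """Mint an HS256 JWT the way a test IdP would (constructed for this example)."""
    now = time.time() if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"iss": ISSUER, "aud": audience, "sub": subject, "iat": int(now), "exp": int(now) + lifetime_s}
    signing_input = _b64url(json.dumps(header).encode()) + "." + _b64url(json.dumps(claims).encode())
    sig = hmac.new(IDP_SIGNING_KEY, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


class AuthenticationHelper:
    """Stateless bearer check: nothing about a user survives between requests on the server."""

    def __init__(self, client_app_id: str, authority: str) -> None:
        self.client_app_id = client_app_id
        self.authority = authority

    def validate_bearer(self, headers: dict[str, str], now: Optional[float] = None) -> dict[str, Any]:
        now = time.time() if now is None else now
        auth = headers.get("Authorization", "")
        if not auth.startswith("Bearer "):
            raise PermissionError("missing bearer token")
        try:
            h64, c64, s64 = auth[len("Bearer "):].split(".")
        except ValueError:
            raise PermissionError("malformed token")
        header = json.loads(_b64url_decode(h64))
        if header.get("alg") != "HS256":  # the token must not get to pick the algorithm
            raise PermissionError("unexpected alg")
        expected = hmac.new(IDP_SIGNING_KEY, f"{h64}.{c64}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(s64)):
            raise PermissionError("bad signature")
        claims = json.loads(_b64url_decode(c64))
        if claims.get("iss") != self.authority:
            raise PermissionError("wrong issuer")
        if claims.get("aud") != self.client_app_id:
            raise PermissionError("wrong audience")
        if now >= claims.get("exp", 0):
            raise PermissionError("token expired")
        return claims


def survives_restart() -> bool:
    """A token accepted by one backend instance is accepted by a brand-new one."""
    now = 1_700_000_000.0  # fixed clock so the example is deterministic
    token = mint_token("user@example.com", CLIENT_APP_ID, 3600, now=now)
    headers = {"Authorization": f"Bearer {token}"}
    first = AuthenticationHelper(CLIENT_APP_ID, ISSUER).validate_bearer(headers, now=now)
    # "Restart": discard the first helper and build a fresh one with no memory of the user.
    second = AuthenticationHelper(CLIENT_APP_ID, ISSUER).validate_bearer(headers, now=now + 60)
    return first["sub"] == second["sub"] == "user@example.com"


def rejected(token: str, now: float) -> bool:
    """True when a fresh backend instance refuses the token."""
    try:
        AuthenticationHelper(CLIENT_APP_ID, ISSUER).validate_bearer({"Authorization": "Bearer " + token}, now=now)
        return False
    except PermissionError:
        return True


if __name__ == "__main__":
    print("restart keeps users signed in:", survives_restart())
```

Because the server derives everything it needs from the token on each request, the only thing a restart discards is any in-memory cache of tokens the backend itself acquired (for example on-behalf-of tokens), and those are simply re-acquired on the next request; the user's own sign-in lives in the browser's sessionStorage and is untouched.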