Chainlit / chainlit

Build Conversational AI in minutes ⚡️
https://docs.chainlit.io
Apache License 2.0

Logout Button Causing Issue w/ Header Auth #1219

Open marty-sullivan opened 1 month ago

marty-sullivan commented 1 month ago

Describe the bug

It appears like header-based login might break after clicking the logout button. I will admit, I'm doing something a little different than what is designed, as is described here:

https://github.com/Chainlit/chainlit/issues/144#issuecomment-2227005294

Given that though, I'm seeing some very odd behavior as described below. It doesn't seem like it should matter that I'm using something from the referrer header vs some other header.

To Reproduce

Steps to reproduce the behavior:

The logs show the following...

  1. User authenticates using the header method I use, linked above
  2. User clicks on logout button
  3. User tries to log in again by being directed to /login?token=...
  4. User is redirected to /auth/header and header_auth_callback succeeds (returns valid User)
  5. User is redirected to chat
  6. User is immediately redirected back to /login and then back to /auth/header
  7. header_auth_callback fails (returns None because there is no token query param)
  8. User is redirected back to /auth/header a second time
  9. header_auth_callback fails (returns None because)

Expected behavior

I would expect that the user is successfully logged in on the first redirect to /auth/header, but it seems like after the user manually logs out, it somehow makes it so that the header login flow is failing to set the User for the session.

I'm certainly willing to accept that what I'm doing isn't supported, however, this behavior is not something I've run into and only seems to happen after the user manually logs out. It's almost like a cookie or session storage item is no longer able to be set by the header login flow.

I have tried clearing browser cookies and data and all of that; it doesn't seem to help once the user clicks that button. Very mysterious.

marty-sullivan commented 1 month ago

Some additional tests show that this problem does not seem to happen with v1.1.306.

dokterbob commented 3 weeks ago

Is this perhaps related to #1207?

marty-sullivan commented 3 weeks ago

@dokterbob I don't think so, I was just using the basic header auth, not OAuth.