Closed astoicnick closed 1 year ago
Questions for clarifying the situation:
--api
?Or any additional information that could help us to understand the use case?
The purpose of the app is to be an authentication API. Ideally when a user logs into a website, they can choose from google sign in or our managed authentication. When they click the google sign in button, this authentication API will handle the callback and provide an access token that can be used to authenticate with any of the other web services we have.
I added --api because this application will need to return an access token to any client that calls it, and I don't want it to return an html page, I want it to return json.
After what you've said, I think you can close this out because it sounds like I don't fully understand how the social login will be used in the authentication API. Thank you
Description
Hello, I have discovered that by using the --api flag when generating a new buffalo app, it is adding an option to the buffalo.New() call in app.go(approximately line 46). The setting, "SessionStore: sessions.Null{}", prevents the buffalo-goth callback from working as expected. After generating the routes from the buffalo-goth plugin for Google, if you add your secret and clientId it will successfully redirect you to Google's consent screen. After gathering consent, Google is redirecting the user to /auth/google/callback. It is at this point that the error message "could not find a matching session for this request". If I remove the "SessionStore: sessions.Null{}" from app.go, the callback works as expected.
Additional details are below, but my question is this: should the "SessionStore: sessions.Null{}" still be there despite this issue? If it shouldn't be there, can I go try and fix it and submit a PR?
To Reproduce
What I did to get successful goth process on first try:
{ "error": "could not find a matching session for this request", "trace": "could not find a matching session for this request", "code": 401 }
Additional Context
Details