Open theogravity opened 10 months ago
Do you have a request when it send to github? I'm not sure how do you get the last URL because the button that open the oAuth login is from NextAuth which suppose to request post and redirect github authorize path.
My setup currently use cloudflare tunnel to make the hostname work but I don't think that's related. (but you will have the issue when communicate with other federate server later because they can't reach out to you with localhost alias)
I got a little further, but there's something with the CSRF check that fails.
GithubProvider({
clientId: auth?.github?.id || '',
clientSecret: auth?.github?.secret || '',
authorization: {
params: {
redirect_uri: 'http://domain.tld:3000/api/auth/callback/github',
}
}
})
It's as if it's using the localhost:3000
cookies for CSRF check instead of domain.tld:3000
when it does the code exchange during the auth flow
Also I've tried with just
NEXTAUTH_URL=http://domain.tld:3000 yarn dev
and it ends up doing an infinite redirect after sign-in
this is with:
providers: [
GithubProvider({
clientId: auth?.github?.id || '',
clientSecret: auth?.github?.secret || ''
})
],
I think I know what's happening. I have a guard that prevent people signup and login if it's not allow in emails list here.
This makes it keep redirect logged in user back to sign in however, because the sign in check if you already logged in with session, it will redirect back to the timeline page. I haven't figure this fully yet but with last commit should unblock this for now if you don't specify allow email list yet.
I was able to finally run the app, but am having issues with sign-in.
I added the following to my
/etc/hosts
:And registered the following callback URL with a Github OAuth application:
config.json
:yarn dev
http://domain.tld:3000
sign in with github
http://localhost:3000
insteadhttp://localhost:3000/auth/signin?callbackUrl=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fsignin%3FcallbackUrl%3Dhttp%253A%252F%252Flocalhost%253A3000%252Fauth%252Fsignin%253FcallbackUrl%253Dhttp%25253A%25252F%25252Flocalhost%25253A3000%2526error%253DCallback%26error%3DCallback&error=Callback