Open GeisonPiegas opened 1 week ago
In this case, an external session storage is needed; this is already in the roadmap. By the way, what kind of SDK are you using?
We have two applications connected, one using the Next.js SDK with the Pages Router and the other using the Next.js SDK with the App Router.
We are planning to add external storage support for Next.js SDK, both pages router and app router.
Describe the bug
I am experiencing an issue where users who have a large number of organizations and scopes linked to their accounts are stuck in an infinite login loop. This problem occurs specifically when one of the requested scopes is urn:logto:scope:organizations. Since this scope is mandatory for obtaining an access token for a user within an organization, it seems to be contributing to the issue. During the login process, a cookie is generated that exceeds the 4096-character limit imposed by browsers. As a result, the cookie is blocked, causing the login process to fail repeatedly and enter an infinite loop. Additionally, there is another call that performs a redirect, passing a significant amount of data in its parameters, which could also be contributing to the problem.
Expected behavior
Login success and redirection.
How to reproduce?
Add more than 100 organizations and several scopes to a user, then attempt to log in with that user. Ensure the scope urn:logto:scope:organizations is included in the login request. Log in with email and password (when using SSO, the problem does not occur).
Context
Screenshots
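The following is an added example, not part of the issue thread and not Logto SDK code: it shows why a session serialized into a cookie outgrows the 4096-character limit as organizations accumulate, and how the external session storage mentioned in the replies keeps the cookie at a fixed size. The session shape, the cookie name and every function name are assumptions made for illustration.

```javascript
// Added illustration; all names here are hypothetical, not Logto SDK APIs.
const { randomBytes } = require('node:crypto');

const COOKIE_LIMIT = 4096; // per-cookie limit cited in the issue

// Constructed session payload (assumed shape): one entry per organization.
function buildSession(orgCount) {
  const organizations = Array.from({ length: orgCount }, (_, i) => ({
    id: `org_${String(i).padStart(12, '0')}`,
    scopes: ['read:data', 'write:data', 'manage:members'],
  }));
  return { sub: 'user_constructed', scopes: ['urn:logto:scope:organizations'], organizations };
}

// Size of "name=value" when the whole session is serialized into the cookie.
function inlineCookieSize(name, session) {
  const value = Buffer.from(JSON.stringify(session)).toString('base64url');
  return Buffer.byteLength(`${name}=${value}`);
}

// External storage: the cookie carries only an opaque, unguessable ID and the
// session data stays server-side (a Map stands in for Redis or a database).
class ExternalSessionStore {
  constructor() { this.sessions = new Map(); }
  save(session) {
    const id = randomBytes(32).toString('base64url'); // 256 bits of entropy
    this.sessions.set(id, session);
    return id;
  }
  load(id) { return this.sessions.get(id) ?? null; }
}

// Compare both approaches for a user with `orgCount` organizations.
function compare(orgCount) {
  const session = buildSession(orgCount);
  const store = new ExternalSessionStore();
  const id = store.save(session);
  const inlineBytes = inlineCookieSize('session', session);
  return {
    inlineBytes,
    inlineFits: inlineBytes <= COOKIE_LIMIT,
    externalBytes: Buffer.byteLength(`session=${id}`),
    restored: store.load(id),
  };
}
```

With a server-side store, the session ID cookie should still be issued with the HttpOnly and Secure attributes, since it is now the only credential the browser holds.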