Pomax
commented
2 years ago Does the heroku log show anything we can use to figure out why it's claiming 403?
Open danielfmiranda opened 2 years ago
Pomax
commented
2 years ago Does the heroku log show anything we can use to figure out why it's claiming 403?
Pomax
commented
2 years ago It looks like this happens when recaptcha is turned on, where it locks down the "from the admin site itself" login path, not just the one from pulse.
The immediate way around this is to always log in through the front end, rather than directly through the backend (as that will include the recaptcha data). The "proper" solution is to either add the recaptcha code to the admin login template (see templates/users/index.html) or, once account moderation has landed, we can probably remove recaptcha on pulse again because new signups won't be able to do anything until their account is marked as active by a moderator.
danielfmiranda
commented
2 years ago This ticket should wait until the work in #798 is complete
If you visit https://api.mozillapulse.org/ and click "go to the admin website" it should display 3 options to log in being:
However, when you click this button it instead displays a 403.