Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set a different redirect_uri for oauth_errors? #431

Open
geolectric opened this issue Mar 3, 2024 · 3 comments
Open

Set a different redirect_uri for oauth_errors? #431

geolectric opened this issue Mar 3, 2024 · 3 comments

Comments

@geolectric
Copy link

First of all, thanks for developing this project, I just started using it and it's fantastic.

During testing, I noticed that if I deny granting Facebook permissions when first creating an account, then the user is redirected to the page I set, but it requires the user to be authenticated, so it then redirects the user to the Facebook permissions request page, resulting in an endless loop (if user cancels permissions page).

What I'd like to happen is if the authentication was successful, then redirect to my page that requires authentication, but if there's an error, then redirect to my home page.

Is there a way to handle something like this with Flask-Dance?
@singingwolfboy
Copy link
Owner

singingwolfboy commented Mar 3, 2024
edited

Glad it's helpful! Try hooking into the "oauth_error" signal and returning a Response object with a redirect to where you want the user to go. https://flask-dance.readthedocs.io/en/latest/signals.html Does that help?

@geolectric
Copy link
Author

geolectric commented Mar 3, 2024
edited

I tried this:

facebook_bp = make_facebook_blueprint(
    scope="public_profile,email,user_birthday",
    redirect_to="private_bp.private",
    login_url="/login",
    authorized_url="/login/authorized",
    rerequest_declined_permissions=True,
    storage=SQLAlchemyStorage(OAuth, db.session, user=current_user),
)

...

@oauth_error.connect_via(facebook_bp)
def facebook_error(sender, **kwargs):

    blueprint = kwargs.get("blueprint")
    message = kwargs.get("message")
    response = kwargs.get("response")

    if blueprint and message:
        msg = f"Authentication error from {blueprint.name}! Message: {message}"

        if response:
            msg += f", Response: {response}"

        flash(msg, "danger")
    else:
        flash("An unknown authentication error occurred. Please try again.", "danger")

    return redirect(url_for("home_bp.home"))

But when I click Cancel on the Facebook permissions request page, it just keeps redirecting me back to it. It's like the return redirect(url_for("home_bp.home")) isn't occurring.

Also, in make_facebook_blueprint if I change to redirect_to="home_bp.home", then it does redirect me to my home page when I click Cancel on the permissions page.

So, it's like the return redirect(url_for("home_bp.home")) in @oauth_error.connect_via(facebook_bp) isn't being honored.

@singingwolfboy singingwolfboy mentioned this issue Mar 4, 2024
Merged
@singingwolfboy
Copy link
Owner

My apologies, it looks like I never actually built that feature! Flask-Dance had a similar feature for the oauth_authorized signal, but not for the oauth_error signal. Oops!

Well, as of version 7.1.0 (published on PyPI today), this feature now exists. I even added it to the documentation! Could you please try upgrading to the latest version of Flask-Dance, and let me know if it works now?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@singingwolfboy @geolectric