Redirect causing a POST instead of a GET request - http

I have a Next.js website deployed to AWS Amplify.
To log into this website, the process goes like this:
The user accesses another app and logs in using e-mail and password.
This app makes a POST request to my website's API, passing some user data.
My website's API validates the data, generates a cookie and redirects the user to the home page.
This process works fine locally in development and even in previously deployed websites that use the same code, but is not working with this new one.
I don't know if I'm reading it right, but it seems like this new website is forwarding the redirect as a POST request instead of a GET. The image below shows how it should be (left, the correct way) and how it's currently going (right, the wrong way).
To redirect the user to the home page I simply use res.status(302).redirect("/").

Related

Can't get Code from Azure Active Directory from Post because of redirect

I need assistance with a company website I'm working on that should be linked up with Azure Active Directory. I have read those Azure Active Directory docs. Our cloud team has already set up Azure Active Directory on the Azure Portal, and when users including myself try to access the page they are brought to a Microsoft login page. Our cloud team has fulfilled Step 1 of registering our app on Azure. And this process of logging into Microsoft fulfills Step 2 of Authorization. The problem here is although the users are able to sign in through Azure Active Directory, once they sign in and come back to the webpage, we are unable to get the code that Azure generates.
This example Authorize link from the docs shows me the correct process for authorization.
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=6731de76-14a6-49ae-97bc-6eba6914391e&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F&response_mode=query&scope=offline_access%20user.read%20mail.read&state=12345
This link will send you to the Microsoft login page and then, after you sign in, it will redirect to the specified redirect_url and it will provide the code in the query parameters. I can see it in the URL bar.
My company's app authentication currently doesn't work like this. We are able to have the user sign in and get redirected back to our page. But the redirect_url for our app is www.ourwebsite.azuresites.com/.auth/login/aad/callback. I haven't seen this in any other examples and I'm not sure if this is calling an Azure Active Directory specific callback through this endpoint or if somehow the app server should be handling this.
I can see through Chrome Dev Tools when this happens that it is sending a POST request to www.ourwebsite.azuresites.com/.auth/login/aad/callback and I can see the payload contains the code that I need, but the webpage redirects immediately after that request. I have tried to set up a controller with our .NET ASP.NET backend to handle paths from /.auth/login/aad/callback by trying to send a string response back, but it doesn't appear that that works.
My major question is: does the URL www.ourwebsite.azuresites.com/.auth/login/aad/callback call an Azure-specific callback function that our app can't interact with? Or is it sending a POST request to our server that we should be handling?
After we get this code we will be able to follow the rest of the authentication process.
This picture shows the initial callback call after a user logs into the Microsoft login page and gets redirected to www.ourwebsite.azuresites.com/.auth/login/aad/callback. I can see in the dev tools that this POST request contains the code.
I'm thinking that it's probably something we need to handle on the server, especially since it's a POST request. Regardless, any help would be appreciated!

Email Link Password-Less Signin : 400 API key expired error on web browser

So I have email link sign-in (password-less) working for iOS and Android, but if a user requests the email and then opens it in a web browser, they see this message:
Error encountered
{"error":{"code":400,"message":"API key expired. Please renew the API key.","errors":[{"message":"API key expired. Please renew the API key.","domain":"global","reason":"badRequest"}],"status":"INVALID_ARGUMENT"}}
I need them to click the link using their mobile device in order for the authentication to work, but ideally I could provide a more graceful message here that tells them to open the link on the mobile device. Any ideas?
I've now got this redirecting to my own website. Long story short - for some reason my Firebase hosting site was not configured properly and thus this authentication url was not being handled as it should. Fixable by recreating hosting site or just creating an additional site under hosting and using that for the email action url.
What I did was:
Create an Additional Site on Firebase Hosting. I made it additional so I wouldn't have to worry about messing with the Dynamic Link setup that is currently working on the default site.
Then under Authentication > Templates in the Firebase console, I changed the action url to use the new site but still have the (__/auth/action?...) path after the domain.
Now, when this url is accessed via a desktop browser, the user is redirected to the continue url (specified in the action code settings of the mobile app) and I display what I want on this continue url.
I noticed that in my Google API console, Firebase created a new Browser key and that it is being used whenever this auth link is clicked. Perhaps this was the issue all along. I wonder if I somehow restricted the wrong key. Anyways, if you run into a similar issue, check your API keys and their restrictions and/or just create a new additional site in Firebase hosting and use that.
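Added example (not code from the post or from Firebase): a small router for the `__/auth/action?...` URL mentioned above, of the kind a custom action page on the additional hosting site could run. It reads the standard `mode`, `oobCode`, `continueUrl` and `lang` parameters, shows the "open this on your phone" message for the `signIn` mode instead of a raw API error, and only forwards users to a `continueUrl` whose host is on an allowlist, so the action page cannot be used as an open redirect. The allowed hosts and the sample URLs are constructed for the example.

```javascript
// Added example: routing Firebase email action URLs on a custom action page.
const ALLOWED_CONTINUE_HOSTS = new Set(["app.example.com", "www.example.com"]); // constructed

// Returns what the page should do for the given action URL.
function handleActionUrl(href, allowedHosts = ALLOWED_CONTINUE_HOSTS) {
  const url = new URL(href);
  const mode = url.searchParams.get("mode");
  const oobCode = url.searchParams.get("oobCode");
  const continueUrl = url.searchParams.get("continueUrl");
  const lang = url.searchParams.get("lang") || "en";

  if (!mode || !oobCode) {
    return { action: "error", message: "This link is incomplete; please request a new one.", lang };
  }

  // Only https destinations on allowlisted hosts may be used after the action;
  // anything else (other hosts, javascript:, malformed values) is dropped.
  let safeContinueUrl = null;
  if (continueUrl) {
    try {
      const target = new URL(continueUrl);
      if (target.protocol === "https:" && allowedHosts.has(target.hostname)) {
        safeContinueUrl = target.toString();
      }
    } catch (e) {
      // malformed continueUrl: ignore it
    }
  }

  switch (mode) {
    case "signIn":
      // Email-link sign-in has to finish inside the app that requested it, so a
      // desktop visitor gets a clear message rather than an API error.
      return {
        action: "showMessage",
        message: "Open this link on the device where you requested it to finish signing in.",
        continueUrl: safeContinueUrl,
        lang,
      };
    case "resetPassword":
    case "verifyEmail":
    case "recoverEmail":
      // These modes can be completed in the browser with the Firebase SDK; only
      // the routing decision is made here, the oobCode is passed on untouched.
      return { action: mode, oobCode, continueUrl: safeContinueUrl, lang };
    default:
      return { action: "error", message: `Unsupported mode: ${mode}`, lang };
  }
}

// Constructed sample: a sign-in link opened on a desktop browser.
const sampleLink = "https://auth-example.web.app/__/auth/action?mode=signIn&oobCode=CONSTRUCTED"
  + "&apiKey=CONSTRUCTED&continueUrl=https%3A%2F%2Fapp.example.com%2Ffinish&lang=en";
console.log(handleActionUrl(sampleLink));
```

The allowlist matters because `continueUrl` arrives in the link itself: without the check, anyone who can get a victim to open an action URL could choose where the page sends them afterwards.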

How to create a http page on a https website?

I have a website hosted on Azure and SSL-enabled. I have a silly question:
Everything can still be accessed without https (e.g. "http://www.teacherspet.net.au"). How do I force everything except for the home page (which doesn't need login) to go https?
In other words, when people type in "http://www.teacherspet.net.au", it is redirected to "https://www.teacherspet.net.au".
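Added example (not code from the question or from Azure): Express-style middleware that sends every plain-http request to its https equivalent, with an exemption list for paths that may stay on http, as the question wants for the home page. The site's host name is the one from the question; the exemption list and the request objects are constructed. Behind a load balancer that terminates TLS the original scheme usually arrives in the `X-Forwarded-Proto` header, which is why the check reads that header before `req.protocol`. The redirect target is built from a configured canonical host rather than the incoming `Host` header, so a forged `Host` cannot turn the redirect into a jump to another site.

```javascript
// Added example: force-https middleware with a path exemption list.
const CANONICAL_HOST = "www.teacherspet.net.au"; // from the question
const EXEMPT_PATHS = new Set(["/"]);              // paths allowed to stay on http (constructed)

// True when the request reached the site over plain http. Behind a TLS-terminating
// proxy the scheme the client used is in X-Forwarded-Proto; req.protocol is the
// scheme of the hop that reached this process (Express sets it to "http"/"https").
function isPlainHttp(req) {
  const forwarded = req.headers["x-forwarded-proto"];
  if (forwarded) return forwarded.split(",")[0].trim().toLowerCase() !== "https";
  return req.protocol !== "https";
}

// Returns the absolute https URL to redirect to, or null when no redirect is needed.
function httpsRedirectTarget(req, { exemptPaths = EXEMPT_PATHS, canonicalHost = CANONICAL_HOST } = {}) {
  if (!isPlainHttp(req)) return null;
  const path = req.url.split("?")[0];
  if (exemptPaths.has(path)) return null;
  return `https://${canonicalHost}${req.url}`;
}

// Middleware: 301 for GET/HEAD so browsers cache the move; 307 for anything else so
// a POST is repeated as a POST over https instead of being turned into a GET.
function forceHttps(req, res, next) {
  const target = httpsRedirectTarget(req);
  if (!target) {
    return next();
  }
  const status = req.method === "GET" || req.method === "HEAD" ? 301 : 307;
  res.writeHead(status, { Location: target });
  res.end();
}
```

Usage: `app.use(forceHttps)` before any route. One caveat on the design the question asks for: anything served over plain http, the home page included, can be altered by whoever sits on the path between visitor and server, and an HSTS header on the https responses would make browsers upgrade the home page as well, so the exemption and HSTS cannot be combined.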

Setup Google analytics for a website without domain extension

I have a SharePoint website running on a server, and have an ASP.NET website that is configured to run attached to the SharePoint site. This is not exposed as a domain site (i.e. with .com or .in or .nl etc.); I access this site in my development and test environment using a URL something like
https://www-dev-myname.domainname.local/
In Google Analytics I am not able to add this as the default URL for an account; it does not allow me to save it.
Is there a way I can create an account with a URL of this type and set up analytics for my site?
You can simply enter a valid URL - it does not need to be the actual URL of your website; the only consequence is that you cannot use in-page analytics (that and the little icon in the page content report that allows you to launch a URL in a new window).
Wrong domain name notwithstanding, Google Analytics will work on any domain where it can set a cookie (and if it can't you can set the cookie domain to none; in that case you need to provide a client id yourself to maintain session tracking).

Programmatically log into a web site in asp.net

I am looking for a way to allow a user on my web site to log into another external web application (for example: Gmail, Jira, etc.) and redirect them successfully to the landing page.
I found this article which provides some code for posting the log-on info, but doesn't discuss what other actions I need to take (for example, I believe I have to create or save a cookie on the machine) that will allow me to successfully redirect the user to that site.
Does anyone have any code or resources that can point me in the right direction?
Thanks for your help!
It's not possible. Especially with the cookies: you cannot log in to Gmail, receive a cookie from them and then redirect that to the user. The user's browser will see it as a cookie from yourdomain.com and not from gmail.com.
The link you refer to is doing something else. It logs on, retrieves data from that website and processes it (on the server). It does not redirect the user to the authenticated homepage.
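Added example (not code from the answer): the rule the answer relies on, written out. Before storing a cookie that carries a `Domain` attribute, a browser checks that the attribute domain-matches the host that sent the response (RFC 6265, section 5.1.3) and is not a public suffix; a response from yourdomain.com therefore cannot plant a cookie for gmail.com, and a cookie without `Domain` is scoped to the responding host only. The public-suffix check is reduced to a small constructed set here; real browsers use the full list.

```javascript
// Added example: RFC 6265 domain matching as applied to Set-Cookie Domain attributes.
const PUBLIC_SUFFIXES = new Set(["com", "net", "org", "co.uk"]); // constructed subset

// RFC 6265 section 5.1.3: a host domain-matches a domain when they are equal, or when
// the domain is a suffix of the host, the character before it is a dot, and the host
// is not an IP address.
function domainMatches(requestHost, cookieDomain) {
  const host = requestHost.toLowerCase();
  const domain = cookieDomain.toLowerCase().replace(/^\./, "");
  if (host === domain) return true;
  if (/^\d+\.\d+\.\d+\.\d+$/.test(host)) return false;
  return host.endsWith("." + domain);
}

// Whether a Set-Cookie with this Domain attribute, received in a response from
// responseHost, is stored by a conforming user agent.
function canSetCookieDomain(responseHost, cookieDomain) {
  const domain = cookieDomain.toLowerCase().replace(/^\./, "");
  if (PUBLIC_SUFFIXES.has(domain)) return false; // e.g. Domain=com is rejected
  return domainMatches(responseHost, domain);
}

// Domain attribute of one Set-Cookie header value, or null when absent (host-only cookie).
function cookieDomainOf(setCookie) {
  const m = /;\s*domain=([^;]+)/i.exec(setCookie);
  return m ? m[1].trim() : null;
}

// Decides whether a Set-Cookie header from responseHost is stored and for which scope.
function acceptSetCookie(responseHost, setCookie) {
  const domain = cookieDomainOf(setCookie);
  if (domain === null) {
    return { accepted: true, scope: responseHost.toLowerCase(), hostOnly: true };
  }
  if (!canSetCookieDomain(responseHost, domain)) {
    return { accepted: false, scope: null, hostOnly: false };
  }
  return { accepted: true, scope: domain.toLowerCase().replace(/^\./, ""), hostOnly: false };
}

// Constructed sample: the situation from the answer, a Gmail-scoped cookie relayed by
// yourdomain.com, next to a cookie the same response is allowed to set.
console.log(acceptSetCookie("yourdomain.com", "SID=abc123; Domain=gmail.com; Secure; HttpOnly"));
console.log(acceptSetCookie("yourdomain.com", "session=abc123; Path=/; Secure; HttpOnly"));
```

The second call shows what actually happens in the scenario: the relayed cookie is either rejected outright (with `Domain=gmail.com`) or stored as a yourdomain.com cookie that gmail.com will never receive.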
