-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Consider making LOGIN_REDIRECT_URL an env Value rather than hard-coded #173
Comments
What's the general use case for this? I think many downstream projects will need to override this setting, to match their particular set of routes, but I don't see why most would need to set it differently per-deployment. |
We commonly deploy SPAs backed by Girder 4 at different domains than the server. In those cases, a fully qualified login redirect URL is desired, and it will be deployment-specific. |
I still don't understand how this is necessary. If an SPA logs in, they will do so as part of an OAuth2 flow, which will ultimately redirect them back to the "redirect URI" of the registered OAuth2 application, at the conclusion of their login process. Is this a problem for cases where a user is provided a link directly to the Django app, outside of an OAuth2 flow? I can think of a few places where this happens:
I don't think that just changing I wonder whether a better practice is to encourage Django projects to mount a |
Sorry, it's been a while on this so I may have forgotten some context, but I think the main issue here is during new user registration, especially when email verification is optional or disabled. In those cases, the user completes registration, and they get taken to a page that actually gives a 500 error because the corresponding template doesn't exist out of the box. |
No description provided.
The text was updated successfully, but these errors were encountered: