Reddit strategy doesn't redirect to failure URL on declined auth request
vitosamson opened this issue · comments
To reproduce:
- Go to https://login-with.com/login
- Login with Reddit
- Hit the "decline" button on the reddit auth request page
You'll get redirected to https://auth.login-with.com/reddit/callback with {"error":null,"user":false}
This is happening because in routes.js
here, both error
and user
are falsy and so it falls through to the res.json
at the end.
A solution here would probably be to change line 34 to if (error || !user)
- would you accept a PR for that? I'm not sure if this is happening for other providers, I've only tested with reddit.
👍 Sure, PR is very welcomed! I think if (error || !user)
totally makes sense. Should have a meaningful error of course...
Hey, any chance we can get a version bump and updated docker image pushed out with this?
Sure... tomorrow... promise