"You are already logged in" page after logging in using OAuth flow
s-bose opened this issue · comments
Describe the Bug
I have a simple OAuth flow where redirect uri is "http://localhost:8000/user/auth_callback".
I have a simple Flask server handling the authorization.
@api_user.route('/login', methods=['GET'])
def login() -> Response:
reddit = praw.Reddit()
auth_url: str = reddit.auth.url(scopes=SCOPES, state=STATE)
return auth_url
@api_user.route('/auth_callback', methods=['GET'])
def callback() -> Tuple[Response, int]:
code: str = request.args.get('code', '')
reddit = praw.Reddit()
refresh_token: str = reddit.auth.authorize(code)
me: Redditor = reddit.user.me()
token = jwt.encode({
'refresh_token': refresh_token,
'user': {
'name': me.name,
'id': me.id
}
}, str(SECRET_KEY), algorithm=ALGORITHM)
response: Response = make_response(jsonify({
'token': token
}))
response.set_cookie('access_token', token, max_age=COOKIE_MAX_AGE)
return response, 200
And the following are the contents of praw.ini
[DEFAULT]
client_id=CLIENT_ID
client_secret=CLIENT_SECRET
redirect_uri=http://localhost:8000/user/auth_callback
user_agent=USER_AGENT
The endpoints work as intended when I am already logged in, but in a different setting when the user has to log in for the first time, using the authorization url, right after the login credentials are submitted it redirects to the following page and keeps looping back at it indefinitely.
Welcome back!
You are already logged in and will be redirected back to Reddit shortly.
If you are not redirected automatically, follow this link.
Desired Result
User should be greeted with a page which will let the user allow or decline the permissions given to the Reddit app. Upon "allow" it will redirect to the callback url (http://localhost:8000/user/auth_callback
) where it will store and display the refresh token.
Relevant Logs
No response
Code to reproduce the bug
No response
My code example does not include the Reddit()
initialization to prevent credential leakage.
Yes
This code has previously worked as intended.
No
Operating System/Environment
Pop OS 22.04
Python Version
Python 3.9.7
PRAW Version
7.6.0
Prawcore Version
2.3.0
Anything else?
Relevant links
https://www.reddit.com/r/redditdev/comments/vdnonr/oauth2_workflow_broken_if_not_previously_logged/
https://www.reddit.com/r/redditdev/comments/wta8xl/cache_and_redirect_issue_when_logging_user_in/
This issue is stale because it has been open for 20 days with no activity. Remove the Stale label or comment or this will be closed in 10 days.
This issue was closed because it has been stale for 10 days with no activity.