Giters

praw-dev / praw

PRAW, an acronym for "Python Reddit API Wrapper", is a python package that allows for simple access to Reddit's API.

Home Page:http://praw.readthedocs.io/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

"You are already logged in" page after logging in using OAuth flow

s-bose opened this issue · comments

commented

Describe the Bug

I have a simple OAuth flow where redirect uri is "http://localhost:8000/user/auth_callback".
I have a simple Flask server handling the authorization.

@api_user.route('/login', methods=['GET'])
def login() -> Response:
    reddit = praw.Reddit()
    auth_url: str = reddit.auth.url(scopes=SCOPES, state=STATE)
    return auth_url
@api_user.route('/auth_callback', methods=['GET'])
def callback() -> Tuple[Response, int]:
    code: str = request.args.get('code', '')

    reddit = praw.Reddit()
    refresh_token: str = reddit.auth.authorize(code)
    me: Redditor = reddit.user.me()

    token = jwt.encode({
        'refresh_token': refresh_token,
        'user': {
            'name': me.name,
            'id': me.id
        }
    }, str(SECRET_KEY), algorithm=ALGORITHM)

    response: Response = make_response(jsonify({
        'token': token
    }))

    response.set_cookie('access_token', token, max_age=COOKIE_MAX_AGE)
    return response, 200

And the following are the contents of praw.ini

[DEFAULT]
client_id=CLIENT_ID
client_secret=CLIENT_SECRET
redirect_uri=http://localhost:8000/user/auth_callback
user_agent=USER_AGENT

The endpoints work as intended when I am already logged in, but in a different setting when the user has to log in for the first time, using the authorization url, right after the login credentials are submitted it redirects to the following page and keeps looping back at it indefinitely.
Welcome back!
You are already logged in and will be redirected back to Reddit shortly.
If you are not redirected automatically, follow this link.

Desired Result

User should be greeted with a page which will let the user allow or decline the permissions given to the Reddit app. Upon "allow" it will redirect to the callback url (http://localhost:8000/user/auth_callback) where it will store and display the refresh token.

Relevant Logs

No response

Code to reproduce the bug

No response

My code example does not include the Reddit() initialization to prevent credential leakage.

Yes

This code has previously worked as intended.

No

Operating System/Environment

Pop OS 22.04

Python Version

Python 3.9.7

PRAW Version

7.6.0

Prawcore Version

2.3.0

Anything else?

Relevant links

https://www.reddit.com/r/redditdev/comments/vdnonr/oauth2_workflow_broken_if_not_previously_logged/
https://www.reddit.com/r/redditdev/comments/wta8xl/cache_and_redirect_issue_when_logging_user_in/

commented

This issue is stale because it has been open for 20 days with no activity. Remove the Stale label or comment or this will be closed in 10 days.

commented

This issue was closed because it has been stale for 10 days with no activity.