[Question] Post authentication redirect to requested URL #502
Comments
|
I don't think this is possible right now, though it's something we should look into supporting. @mkarmark any suggestions? |
|
I am reading here that, due to security implications:
and:
I presume this can be done with custom authentication. I also presume most prefer to just use the built-in authentication. If you (Microsoft) implement this for the built-in authentication, and automatic redirection is out of the question for security reasons, then probably make the requested URL available somehow (some endpoint similar to /.auth/me perhaps?). |
|
I found this on Customize sign-ins and sign-outs — would it be applicable to Static Web Apps as well?
|
|
Any news on this? |
|
My company is facing the same issue and we really were using this for our documentation site to include articles and code documents at one place for the company. But this is a very bad end user experience since we have variety of readers of our documentation who like to have their fully qualified/favorited URLs within our HUGE site. They have to navigate through the content since they always end up landing at the Home Page post authentication. |
|
We now support adding "post_login_redirect_uri=.referrer" to achieve the behavior of redirecting back to the page before the login flow started. Query parameters and fragments are not supported though. |
|
@mishapos Tried this in staticwebapp.config.json: But get redirected to .../.auth/.referrer |
|
This is a fairly new feature and we're waiting for query string support to be added, so we haven't documented it yet. You can only use it in a response override: {
"routes": [
{
"route": "/*",
"allowedRoles": [
"authenticated"
]
}
],
"responseOverrides": {
"401": {
"statusCode": 302,
"redirect": "/.auth/login/github?post_login_redirect_uri=.referrer"
}
}
} |
|
Awesome! It works! |
This is great and works once changes are pushed back to Azure Static Apps service. |
When I click the link on facebook workplace chat, this does not work. Are there any update on this case? |
@mishapos does this mean the encoding is also not supported (like %20 for space)? I tested and see that redirection works only as long as the URL does not contain a space. Example: |
ghost
mentioned this issue
|
Is it also supposed to work in the swa cli during the local development? It did not work for me |
|
This does not work if the link is clicked from another site. Edit: Slight correction, if you open a fresh browser instance it works as expected for 30 seconds, then if you try it again it starts redirecting to the root page. |
|
I am getting the same behaviour as mentioned above. The redirect to a specific subpage works on fresh browser, afterwords I end up on the root url again. |
|
Has there been any progress on supporting query parameters in the post login redirect uri? |
Are there any plans to support fragments, as it is already the case for web apps? |
Hi,
I'm using AAD authentication. Let's say I have an app at myapp.com and a user wants to access myapp.com/product?id=123 (which might be bookmarked, for instance). If the user is already logged in this works fine, but if he needs to log in, post authentication redirects the user to myapp.com not the requested URL. I know I can configure a post login redirect, but this needs to be a fixed URL. Is it somehow possible for post authentication to redirect the user to where he/she intended to go?
The text was updated successfully, but these errors were encountered: