Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Safari 12 redirects back to /accounts/login #1

chasetb opened this Issue Oct 18, 2018 · 1 comment


None yet
1 participant
Copy link

chasetb commented Oct 18, 2018

I've been using the django-python3-saml code for GitHub for a while now. First off, thank you for open-sourcing the app. It helped my organization when no other solution did.

I've been seeing an issue with Safari 12.0 on Mac, iPhone, and iPad using django-python3-saml and the latest version of python3-saml, After successfully authenticating to my G Suite account, the Google SAML integration will redirect back to our Django site, successfully return from the CompleteAuthenticationView but then reload to the login page (https:// ourwebsite .com /accounts/login/?next=/). If I refresh the login page, I will again get the login page with the ?next=/ parameter as if not authenticated. If I remove the directory and next parameter (https:// ourwebsite .com/), the site will show me the index page because my user is authenticated. Chrome and Firefox do not have this issue.

Have you seen this issue in your testing? I can go into more detail but don't want to take up your time if you've not experienced this before.


This comment has been minimized.

Copy link

chasetb commented Oct 19, 2018

Turns out this has little to do with this project. When running Django >=2.1 and Safari 12.0 special consideration to the new SESSION_COOKIE_SAMESITE flag needs to be taken. For now, I'm including the following in

# Prevents the cookie from being sent in cross-site requests
# Options are 'Lax' (default), 'Strict', and None
SESSION_COOKIE_SAMESITE = None  # @todo Verify compatibility w/ Safari 12.0 in next Django version

@chasetb chasetb closed this Oct 19, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.