Safari 12 redirects back to /accounts/login #1

Closed
chasetb opened this Issue Oct 18, 2018 · 1 comment

chasetb commented Oct 18, 2018

I've been using the django-python3-saml code for GitHub for a while now. First off, thank you for open-sourcing the app. It helped my organization when no other solution did.

I've been seeing an issue with Safari 12.0 on Mac, iPhone, and iPad using django-python3-saml and the latest version of python3-saml. After successfully authenticating to my G Suite account, the Google SAML integration will redirect back to our Django site, successfully return from the CompleteAuthenticationView but then reload to the login page (https://ourwebsite.com/accounts/login/?next=/). If I refresh the login page, I will again get the login page with the ?next=/ parameter as if not authenticated. If I remove the directory and next parameter (https://ourwebsite.com/), the site will show me the index page because my user is authenticated. Chrome and Firefox do not have this issue.

Have you seen this issue in your testing? I can go into more detail but don't want to take up your time if you've not experienced this before.

chasetb commented Oct 19, 2018

Turns out this has little to do with this project. When running Django >=2.1 and Safari 12.0, special consideration needs to be given to the new `SESSION_COOKIE_SAMESITE` flag. For now, I'm including the following in `settings.py`.

```python
# Prevents the cookie from being sent in cross-site requests
# Options are 'Lax' (default), 'Strict', and None
# https://docs.djangoproject.com/en/2.1/ref/settings/#std:setting-SESSION_COOKIE_SAMESITE
SESSION_COOKIE_SAMESITE = None  # @todo Verify compatibility w/ Safari 12.0 in next Django version
```

chasetb closed this Oct 19, 2018
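To check what the `settings.py` change above does to the cookie on the wire, the following added example (not code from this issue or from django-python3-saml) audits `Set-Cookie` header values and lists what the session cookie no longer restricts. The sample headers are constructed, `sessionid` is Django's default session cookie name, and the function names are hypothetical.

```python
from http.cookies import SimpleCookie  # SameSite parsing needs Python 3.8+

# Constructed Set-Cookie values, not captured from the reporter's site.
# LAX: session cookie with Django 2.1's default SESSION_COOKIE_SAMESITE.
# WORKAROUND: same cookie with SESSION_COOKIE_SAMESITE = None (attribute omitted).
LAX = "sessionid=abc123; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax; Secure"
WORKAROUND = "sessionid=abc123; HttpOnly; Max-Age=1209600; Path=/; Secure"


def audit_set_cookie(header_value):
    """Return {cookie_name: posture} for one Set-Cookie header value."""
    jar = SimpleCookie()
    jar.load(header_value)
    report = {}
    for name, morsel in jar.items():
        samesite = (morsel["samesite"] or "").lower() or None
        report[name] = {
            "samesite": samesite,
            "secure": bool(morsel["secure"]),
            "httponly": bool(morsel["httponly"]),
            # Without Lax/Strict, a browser that applies no SameSite default
            # attaches the cookie to cross-site POSTs as well. Browsers that
            # treat a missing attribute as Lax behave differently.
            "sent_on_cross_site_post": samesite not in ("lax", "strict"),
        }
    return report


def session_findings(header_value, session_cookie="sessionid"):
    """List what to track for the session cookie set by this header."""
    posture = audit_set_cookie(header_value).get(session_cookie)
    if posture is None:
        return []
    issues = []
    if posture["sent_on_cross_site_post"]:
        issues.append("no SameSite restriction: CSRF defence rests on the CSRF token")
    if not posture["secure"]:
        issues.append("missing Secure")
    if not posture["httponly"]:
        issues.append("missing HttpOnly")
    return issues


if __name__ == "__main__":
    for label, header in (("default", LAX), ("workaround", WORKAROUND)):
        print(label, session_findings(header))
```

With the attribute removed, any view that changes state while exempt from Django's CSRF middleware is reachable with the user's session from another site, so the set of exempt views is worth reviewing alongside this setting.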
