[BUG] - OIDC Auth not working on mobile devices

[cmintey]

First Check

• This is not a feature request.
• I added a very descriptive title to this issue (title field is above this).
• I used the GitHub search to find a similar issue and didn't find it.
• I searched the Mealie documentation, with the integrated search.
• I already read the docs and didn't find an answer.
• This issue can be replicated on the demo site (https://demo.mealie.io/).

What is the issue you are experiencing?

With the latest nightly, I am no longer able to log into Mealie via OIDC on my mobile device (iPhone) -- web works just fine.

Steps to Reproduce

1. Configure OIDC
2. Log in on Web
3. Log in on mobile -- see error

Please provide relevant logs

mealie     | INFO     2024-04-19T08:51:10 - [10.0.2.1:0] 200 OK "GET /api/app/about/startup-info HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:10 - [10.0.2.1:0] 200 OK "GET /api/app/about HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:10 - [10.0.2.1:0] 307 Temporary Redirect "GET /login?code=xxx&iss=https%3A%2F%2Fauth.example.com&scope=openid+profile+email+groups&state=EoACkgldqR HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:10 - [10.0.2.1:0] 200 OK "GET /login/?code=xxx&iss=https%3A%2F%2Fauth.example.com&scope=openid+profile+email+groups&state=EoACkgldqR HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:10 - [10.0.2.1:0] 304 Not Modified "GET / HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:11 - [10.0.2.1:0] 200 OK "GET /api/app/about HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:11 - [10.0.2.1:0] 200 OK "GET /api/explore/organizers/home/categories?page=1&perPage=-1&orderBy=name&orderDirection=asc HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:11 - [10.0.2.1:0] 200 OK "GET /api/explore/organizers/home/tags?page=1&perPage=-1&orderBy=name&orderDirection=asc HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:11 - [10.0.2.1:0] 200 OK "GET /api/explore/cookbooks/home?page=1&perPage=-1&orderBy=position&orderDirection=asc HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:11 - [10.0.2.1:0] 200 OK "GET /api/explore/recipes/home?page=1&perPage=64&orderBy=created_at&orderDirection=desc&paginationSeed=1713534671403&searchSeed=1713534671403&search=&requireAllCategories=false&requireAllTags=false&requireAllTools=false&requireAllFoods=false HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:11 - [10.0.2.1:0] 200 OK "GET /api/explore/organizers/home/tools?page=1&perPage=-1&orderBy=name&orderDirection=asc HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:11 - [10.0.2.1:0] 200 OK "GET /sw.js HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:11 - [10.0.2.1:0] 401 Unauthorized "GET /api/users/self/ratings HTTP/1.1"
mealie     | INFO     2024-04-19T08:51:11 - [10.0.2.1:0] 200 OK "GET /api/explore/foods/home?page=1&perPage=-1&orderBy=name&orderDirection=asc HTTP/1.1"

Mealie Version

Nightly latest

Deployment

Docker (Linux)

Additional Deployment Details

No response

[joshoram80]

Has this been pushed to a docker image yet? I'm using :nightly and I still can't login on Chrome mobile, regardless of login method set for the user. As long as I have OIDC enabled in any way, login is broken.

[Kuchenpirat]

This is included in the nightlies, but has not been included in a 'proper' release.
You might want to try upgrading to nightly temporarily and check if that helps.

image: ghcr.io/mealie-recipes/mealie:nightly

[joshoram80]

I am already using nightly. I'll try purging the image and repulling

[joshoram80]

I'm still getting an infinite reload with the latest nightly image.

27/04/2024
13:42:56
INFO     2024-04-27T13:42:56 - [120.21.87.170:0] 401 Unauthorized "GET /api/users/self HTTP/1.1"
27/04/2024
13:42:56
INFO     2024-04-27T13:42:56 - [120.21.87.170:0] 500 Internal Server Error "POST /api/auth/token HTTP/1.1"
27/04/2024
13:42:56
ERROR    2024-04-27T13:42:56 - Exception in ASGI application
27/04/2024
13:42:56
Traceback (most recent call last):
27/04/2024
13:42:56
  File "/opt/pysetup/.venv/lib/python3.10/site-packages/sqlalchemy/engine/base.py", line 1971, in _exec_single_context
27/04/2024
13:42:56
    self.dialect.do_execute(
27/04/2024
13:42:56
  File "/opt/pysetup/.venv/lib/python3.10/site-packages/sqlalchemy/engine/default.py", line 919, in do_execute
27/04/2024
13:42:56
    cursor.execute(statement, parameters)
27/04/2024
13:42:56
sqlite3.IntegrityError: UNIQUE constraint failed: users.username
27/04/2024
13:42:56

from logs

[cmintey]

Looks like you have an existing user in Mealie that you're trying to link to from your IdP. By default Mealie uses the email from your IdP to link accounts, so your account in Mealie should have the same email. Alternatively, you can change the link to be username-based by setting this environment variable: OIDC_USER_CLAIM=preferred_username

[joshoram80]

Seems to be working now. Thanks!