Description
Hi,
I have an application with ldap auth and required auth in qwc-map-viewer conf.
When JWT token expires, there is a redirection to the auth page done by qwc-map-viewer. And in ldap-auth service, there is a redirection to the app because flask session is not expired so `current_user.is_authenticated` is True. It leads to a redirect loop error (ERR_TOO_MANY_REDIRECTS).
I don't know what is the best way to handle this? Can we simply remove verification about current_user in ldap auth? Is it mandatory to use flask-login here?
To test it, use docker-compose example with qwc-auth-service using qwc-ldap-auth and rroemhild/test-openldap docker image:
```yaml
  qwc-auth-service:
    build:
      context: ../qwc-ldap-auth
      dockerfile: Dockerfile
    environment:
      <<: *qwc-service-variables
      SERVICE_MOUNTPOINT: '/auth'
      JWT_ACCESS_TOKEN_EXPIRES: 10
    volumes:
      - ./volumes/config:/srv/qwc_service/config:ro
  qwc-ldap-test:
    image: rroemhild/test-openldap:2.1
    container_name: qwc-ldap-test
    ports:
      - "10636:10636"
      - "10389:10389"
```
and some var envs for LDAP config:
```
LDAP_HOST=qwc-ldap-test
LDAP_PORT=10389
LDAP_USE_SSL=False
LDAP_BASE_DN="dc=planetexpress,dc=com"
LDAP_USER_DN="ou=people"
LDAP_GROUP_DN="ou=people"
LDAP_SEARCH_FOR_GROUPS=True
LDAP_GROUP_MEMBERS_ATTR="member"
LDAP_GROUP_NAME_ATTRIBUTE="cn"
LDAP_GET_GROUP_ATTRIBUTES="*"
LDAP_USER_SEARCH_SCOPE="LEVEL"
LDAP_USER_RDN_ATTR="cn"
LDAP_BIND_USER_DN="cn=admin,dc=planetexpress,dc=com"
LDAP_BIND_USER_PASSWORD="GoodNewsEveryone"
```
Configure qwc-map-viewer with `auth_required: true`.
Log in to the app (https://github.com/rroemhild/docker-test-openldap?tab=readme-ov-file#ldap-structure), wait 10 seconds and refresh so the JWT token is expired and the app asks for authentication but flask-login cookie session is still valid.
Thanks
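
The redirect chain described in this issue, modeled as an added example (not code from qwc-ldap-auth or qwc-map-viewer). The `/auth/login` path, all function names and the `login_checks_jwt` variant are assumptions made for illustration; the 10-second lifetime mirrors `JWT_ACCESS_TOKEN_EXPIRES: 10` from the compose snippet.

```python
from dataclasses import dataclass

JWT_LIFETIME = 10  # seconds, as in JWT_ACCESS_TOKEN_EXPIRES: 10


@dataclass
class Browser:
    """Constructed client state: two independent credentials with different lifetimes."""
    session_valid: bool       # flask-login session cookie
    jwt_issued_at: int        # time the JWT access token was issued


def jwt_valid(b: Browser, now: int) -> bool:
    return now < b.jwt_issued_at + JWT_LIFETIME


def viewer(b: Browser, now: int):
    """Map viewer with auth_required: true. Only the JWT counts here."""
    return (200, None) if jwt_valid(b, now) else (302, "/auth/login")


def login_session_only(b: Browser, now: int):
    """Login endpoint as described in the issue: a live session skips the
    login form and redirects back, but no fresh JWT is issued."""
    return (302, "/") if b.session_valid else (200, None)


def login_checks_jwt(b: Browser, now: int):
    """Hypothetical variant: skip the form only if the JWT is also still valid,
    so an expired token always ends at the login form."""
    if b.session_valid and jwt_valid(b, now):
        return (302, "/")
    return (200, None)


def follow(b: Browser, now: int, login, max_redirects: int = 20):
    """Follow redirects like a browser; give up after max_redirects hops."""
    routes = {"/": viewer, "/auth/login": login}
    url, hops = "/", 0
    while hops <= max_redirects:
        status, location = routes[url](b, now)
        if status == 200:
            return url, hops
        url, hops = location, hops + 1
    return "ERR_TOO_MANY_REDIRECTS", hops


if __name__ == "__main__":
    b = Browser(session_valid=True, jwt_issued_at=0)
    print(follow(b, 5, login_session_only))    # token still valid
    print(follow(b, 11, login_session_only))   # token expired, session alive
    print(follow(b, 11, login_checks_jwt))     # loop broken at the login form
```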