external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

SSO: Explain the rationale behind prompt=login

Browse source 
We might reconsider it in the future.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This commit is contained in:
Frédéric Mangano-Tarumi 2020-07-14 15:34:06 +02:00 committed by Lukas Fleischer
parent 8d5244d0c0
commit 4bf8228324
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
aurweb/routers/sso.py
View file

@ -28,6 +28,13 @@ oauth.register(
@router.get("/sso/login") @router.get("/sso/login")
async def login(request: Request): async def login(request: Request):
"""
Redirect the user to the SSO providers login page.
We specify prompt=login to force the user to input their credentials even
if theyre already logged on the SSO. This is less practical, but given AUR
has the potential to impact many users, better safe than sorry.
"""
redirect_uri = aurweb.config.get("options", "aur_location") + "/sso/authenticate" redirect_uri = aurweb.config.get("options", "aur_location") + "/sso/authenticate"
return await oauth.sso.authorize_redirect(request, redirect_uri, prompt="login") return await oauth.sso.authorize_redirect(request, redirect_uri, prompt="login")