PWA on iOS (Home screen web app) using Oauth - Request for comments on workaround
42 views
Skip to first unread message
STILLITS * Operações
Aug 27, 2019, 5:11:29 PM8/27/19
to django-allauth
Greetings,
After you add a webpage from a PWA to the Home screen on iOS, there's a problem when you try to authenticate from LinkedIn, Google (and probably any other Oauth provider): it seems like redirection does not work as expected and, therefore, login never occurs (302 - Forbidden).
I created a workaround that is functional right now but, since this is not my expertise, there's some concern if it compromises security in any way. Therefore I ask your help on evaluating if the solution is feasible.
After you add a webpage from a PWA to the Home screen on iOS, there's a problem when you try to authenticate from LinkedIn, Google (and probably any other Oauth provider): it seems like redirection does not work as expected and, therefore, login never occurs (302 - Forbidden).
I created a workaround that is functional right now but, since this is not my expertise, there's some concern if it compromises security in any way. Therefore I ask your help on evaluating if the solution is feasible.
Attached are the patch files.
I also added a new setting on settings.py, where I add the domains that are related to the PWA (in order to avoid the workaround on any other domains):
REDIRECT_PWA = ['domain1','domain2']
Any feedback would be very welcome.
TIA,
JC
Reply all
Reply to author
Forward
0 new messages