Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: let kratos handle session redirects #304

Merged
merged 1 commit into from
Oct 30, 2023
Merged

fix: let kratos handle session redirects #304

merged 1 commit into from
Oct 30, 2023

Conversation

Benehiko
Copy link
Contributor

When users have a session and they are redirected to the registration UI on the account experience, they will end up on the /welcome page. This is due to the session check happening in the Express middleware. This is incorrect behavior since the redirect to the welcome route is hard coded and not an ideal route to leave the user at.

In OAuth flows, this is even more confusing, since the OAuth flow has its own logic when a session is present. OAuth flows usually redirect to the consent route if a session is present and there were no subject mismatches.

This PR removes the session check middleware on the registration route and allows Kratos to handle the redirect logic for us.

Related Issue or Design Document

https://github.com/ory-corp/cloud/issues/5493
ory/kratos#3592

Checklist

  • I have read the contributing guidelines and signed the CLA.
  • I have referenced an issue containing the design document if my change introduces a new feature.
  • I have read the security policy.
  • I confirm that this pull request does not address a security vulnerability.
    If this pull request addresses a security vulnerability,
    I confirm that I got approval (please contact [email protected]) from the maintainers to push the changes.
  • I have added tests that prove my fix is effective or that my feature works.
  • I have added the necessary documentation within the code base (if appropriate).

Further comments

@Benehiko Benehiko self-assigned this Oct 30, 2023
@Benehiko Benehiko mentioned this pull request Oct 30, 2023
Open
6 tasks
@aeneasr aeneasr merged commit 9ad2556 into master Oct 30, 2023
6 checks passed
@aeneasr aeneasr deleted the benehiko/fix-registration-redirects branch October 30, 2023 09:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aeneasr aeneasr aeneasr approved these changes

@hperl hperl Awaiting requested review from hperl

@jonas-jonas jonas-jonas Awaiting requested review from jonas-jonas

Assignees

@Benehiko Benehiko

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Benehiko @aeneasr