usaa.ma / markedit
A deployable markdown editor that connects with your self hosted files and lets you edit in a beautiful interface
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Add session debugging and improve error handling

- Add SameSite=Lax for OAuth cookie compatibility
- Log cookies in BeginAuth and CallbackAuth for debugging
- Add better error message when session expires
- Redirect to home with error on session expiry

usamasulaiman c228f841 a20a6ff8

+19 -1
+16 -1
backend/internal/api/handlers/auth.go
··· 38 38 q.Add("provider", "github") 39 39 r.URL.RawQuery = q.Encode() 40 40 41 + log.Printf("BeginAuth - Starting OAuth flow") 42 + 41 43 // Get the auth URL from goth 42 44 gothic.BeginAuthHandler(w, r) 45 + 46 + log.Printf("BeginAuth - Cookies set: %v", w.Header().Get("Set-Cookie")) 43 47 } 44 48 45 49 // CallbackAuth handles the OAuth callback ··· 49 53 q.Add("provider", "github") 50 54 r.URL.RawQuery = q.Encode() 51 55 56 + // Log cookies for debugging 57 + log.Printf("Callback - Cookies received: %v", r.Cookies()) 58 + 52 59 // Complete OAuth flow 53 60 gothUser, err := gothic.CompleteUserAuth(w, r) 54 61 if err != nil { 55 62 log.Printf("OAuth callback error: %v", err) 56 - http.Error(w, "Authentication failed", http.StatusInternalServerError) 63 + 64 + // Try to start auth again if session not found 65 + if err.Error() == "could not find a matching session for this request" { 66 + log.Printf("Session not found, redirecting to begin auth") 67 + http.Redirect(w, r, "http://localhost:4321/?error=session_expired", http.StatusTemporaryRedirect) 68 + return 69 + } 70 + 71 + http.Error(w, fmt.Sprintf("Authentication failed: %v", err), http.StatusInternalServerError) 57 72 return 58 73 } 59 74
+3
backend/internal/auth/github.go
··· 2 2 3 3 import ( 4 4 "fmt" 5 + "net/http" 5 6 "os" 6 7 7 8 "github.com/gorilla/sessions" ··· 43 44 store.Options.Path = "/" 44 45 store.Options.HttpOnly = true 45 46 store.Options.Secure = isProd 47 + store.Options.SameSite = http.SameSiteLaxMode // Important for OAuth redirects 48 + // Don't set Domain for localhost - let browser handle it 46 49 47 50 gothic.Store = store 48 51