mirror of https://github.com/zulip/zulip.git
9b485f3ef4
This adds a new settings, SOCIAL_AUTH_SUBDOMAIN, which specifies which domain should be used for GitHub auth and other python-social-auth backends. If one is running a single-realm Zulip server like chat.zulip.org, one doesn't need to use this setting, but for multi-realm servers using social auth, this fixes an annoying bug where the session cookie that python-social-auth sets early in the auth process on the root domain ends up masking the session cookie that would have been used to determine a user is logged in. The end result was that logging in with GitHub on one domain on a multi-realm server like zulipchat.com would appear to log you out from all the others! We fix this by moving python-social-auth to a separate subdomain. Fixes: #9847. |
||
|---|---|---|
| .. | ||
| authentication-methods.md | ||
| deployment.md | ||
| email.md | ||
| expensive-migrations.md | ||
| index.rst | ||
| install-existing-server.md | ||
| install.md | ||
| maintain-secure-upgrade.md | ||
| mobile-push-notifications.md | ||
| multiple-organizations.md | ||
| overview.md | ||
| password-strength.md | ||
| postgres.md | ||
| requirements.md | ||
| security-model.md | ||
| settings.md | ||
| ssl-certificates.md | ||
| troubleshooting.md | ||
| upload-backends.md | ||