mirror of https://github.com/zulip/zulip.git
9b485f3ef4
This adds a new settings, SOCIAL_AUTH_SUBDOMAIN, which specifies which domain should be used for GitHub auth and other python-social-auth backends. If one is running a single-realm Zulip server like chat.zulip.org, one doesn't need to use this setting, but for multi-realm servers using social auth, this fixes an annoying bug where the session cookie that python-social-auth sets early in the auth process on the root domain ends up masking the session cookie that would have been used to determine a user is logged in. The end result was that logging in with GitHub on one domain on a multi-realm server like zulipchat.com would appear to log you out from all the others! We fix this by moving python-social-auth to a separate subdomain. Fixes: #9847. |
||
|---|---|---|
| .. | ||
| jinja2 | ||
| __init__.py | ||
| backends.py | ||
| dev_settings.py | ||
| dev_urls.py | ||
| email_backends.py | ||
| legacy_urls.py | ||
| prod_settings_template.py | ||
| settings.py | ||
| slack_importer_test_settings.py | ||
| terms.md.template | ||
| test_settings.py | ||
| urls.py | ||
| wsgi.py | ||