Skip to content

try: oauth_errors #659

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
MODSetter merged 2 commits into from
Jan 2, 2026
Merged

try: oauth_errors #659

MODSetter merged 2 commits into from
Jan 2, 2026

Conversation

@MODSetter
Copy link
Owner

@MODSetter MODSetter commented Jan 2, 2026
edited by recurseml bot
Loading

Please work

Description

Motivation and Context

FIX #

Screenshots

API Changes

  • This PR includes API changes

Change Type

  • Bug fix
  • New feature
  • Performance improvement
  • Refactoring
  • Documentation
  • Dependency/Build system
  • Breaking change
  • Other (specify):

Testing Performed

  • Tested locally
  • Manual/QA verification

Checklist

  • Follows project coding standards and conventions
  • Documentation updated as needed
  • Dependencies updated as needed
  • No lint/build errors or new warnings
  • All relevant tests are passing

High-level PR Summary

This PR fixes Google OAuth authentication issues in Firefox and Safari browsers by implementing a redirect-based authorization flow. The changes address cross-site cookie problems where CSRF tokens set via cross-origin fetch requests weren't being sent on subsequent redirects. The frontend now uses a new /auth/google/authorize-redirect endpoint that performs server-side redirection to Google OAuth, and the backend has been updated to properly configure CSRF cookies with appropriate domain settings and a new redirect endpoint that sets cookies in a same-site context.

⏱️ Estimated Review Time: 30-90 minutes

💡 Review Order Suggestion
Order File Path
1 surfsense_web/app/(home)/login/GoogleLoginButton.tsx
2 surfsense_backend/app/app.py

Need help? Join our Discord

Analyze latest changes

@MODSetter
feat: implement redirect-based OAuth authorization for Google login
9029f5c 
- Added a new endpoint `/auth/google/authorize-redirect` to handle OAuth authorization via server-side redirect, addressing CSRF cookie issues in Firefox/Safari.
- Updated the `GoogleLoginButton` component to use the new redirect endpoint instead of the previous JSON-based authorization method.
- Enhanced CSRF cookie handling by explicitly setting the cookie domain and ensuring compatibility with cross-origin requests.
@MODSetter
Merge commit 'a64ab8971d1749ceb40bf30f24f5029679dd7c39' into dev
458c152
@vercel
Copy link

vercel bot commented Jan 2, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
surf-sense-frontend Building Building Preview, Comment Jan 2, 2026 8:26am

@MODSetter MODSetter merged commit ae1c3f9 into main Jan 2, 2026
4 of 6 checks passed
recurseml[bot]
recurseml bot reviewed Jan 2, 2026
View reviewed changes
Copy link

@recurseml recurseml bot left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review by RecurseML

🔍 Review performed on a64ab89..458c152

✨ No bugs found, your code is sparkling clean

✅ Files analyzed, no issues (1)

surfsense_web/app/(home)/login/GoogleLoginButton.tsx

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@recurseml recurseml[bot] recurseml[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MODSetter