Skip to content

fix(backend): intermittent login failure with google auth #1022

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 12, 2024
Merged

fix(backend): intermittent login failure with google auth #1022

merged 1 commit into from
Aug 12, 2024

Conversation

detj
Copy link
Contributor

@detj detj commented Aug 9, 2024
edited
Loading

Important

The Google OAuth consent screen settings is configured in testing mode. This effectively means only login attempts from whitelisted Google accounts will succeed. We need to publish the OAuth app before launch, otherwise non-whitelisted users won't be able to login using Google.

image

image

Summary

Login with Google would fail intermittently on Chromium and repeatedly fail on Safari. In this PR, we turn on FedCM so that sign in with Google works on browsers that block third-party cookies. We also implement a bypass on nonce checking on Safari browsers while implementing logs for further monitoring this particular situation. Overall, authentication with Google should be more robust with this PR.

Tasks

  • Fix intermittent login issues with google
  • Modify sign in with google settings to use redirect ux mode
  • Modify sign in with google settings to use fedCM
  • Modify google auth stack to work around issues with safari

References

For more context, see below.

@detj
fix(backend): google auth
774283b 
- fix intermittent login issues with google
- modify sign in with google settings to use `redirect` ux mode
- modify sign in with google settings to use fedCM
- modify google auth stack to work around issues with safari
@detj detj added the bug something isn't working label Aug 9, 2024
@detj detj self-assigned this Aug 9, 2024
@vercel Vercel
Copy link

vercel bot commented Aug 9, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

1 Skipped Deployment
Name Status Preview Comments Updated (UTC)
measure-web-app ⬜️ Ignored (Inspect) Aug 9, 2024 8:46pm

@detj detj changed the title fix(backend): intermitten login failure with google auth fix(backend): intermittent login failure with google auth Aug 9, 2024
@detj detj requested a review from anupcowkur August 9, 2024 20:52
@detj detj merged commit 06a35e8 into main Aug 12, 2024
10 checks passed
@detj detj deleted the fix-google-auth branch August 12, 2024 04:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anupcowkur anupcowkur anupcowkur approved these changes

Assignees

@detj detj

Labels
bug something isn't working
Projects
Measure Roadmap
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@detj @anupcowkur