UAuth Login Popup Flow Bypasses Domain Input Due to some Cache #144
Comments
KindKang
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
KindKang
changed the title
Experiencing an issue with the UAuth login popup flow. Here's what's happening:
When calling uauth.loginWithPopup(), the popup window opens https://identity.unstoppabledomains.com/login/selectDomain.
However, I never get the opportunity to actually input the domain name. (it is empty in the input box)
There is no {"domain":"xx.unstoppable"} request body
The selectDomain flow automatically proceeds to https://identity.unstoppabledomains.com/auth with a pre-selected domain, bypassing the domain input step.
In auth page, even clicking 'Connect with a different domain', although it briefly go back to the selectDomain page, it automatically redirects again.
This appears to be a caching issue where previous login credentials are persisting. The login flow seems to be using cached domain information even after logout, and the 'Connect with a different domain' option isn't clearing these cached credentials properly.
The cached domain is in the html returned by /login/selectDomain endpoint
Current Workaround:
Manually clearing the browser cache for identity.unstoppabledomains.com resolves the issue.
Suggested Improvements:
After loginout, the corresponding brower data should be removed
The selectDomain endpoint should not automatically proceed without a valid {"domain":"xxx.unstoppable"} parameter
The "Connect with a different domain" option should clear relevant cache/cookies to ensure a fresh domain selection
The text was updated successfully, but these errors were encountered: