From 9b8e539ae9b04f2a1b9a71f0029a77c0431e364a Mon Sep 17 00:00:00 2001
From: Mart van Santen <mart@greenhost.nl>
Date: Wed, 22 Feb 2023 15:37:40 +0800
Subject: [PATCH] Wipe cookies on conflict during login

---
 backend/web/login/login.py | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)

diff --git a/backend/web/login/login.py b/backend/web/login/login.py
index a96b2058..afee0f80 100644
--- a/backend/web/login/login.py
+++ b/backend/web/login/login.py
@@ -228,15 +228,21 @@ def auth():
 
     # Authorize the user
     # False positive: pylint: disable=no-member
-    redirect_to = hydra_admin_api.accept_login_request(
-        challenge,
-        accept_login_request=AcceptLoginRequest(
-            identity.id,
-            remember=True,
-            # Remember session for 7d
-            remember_for=60 * 60 * 24 * 7,
-        )
-    ).redirect_to
+
+    try:
+        redirect_to = hydra_admin_api.accept_login_request(
+            challenge,
+            accept_login_request=AcceptLoginRequest(
+                identity.id,
+                remember=True,
+                # Remember session for 7d
+                remember_for=60 * 60 * 24 * 7,
+            )
+        ).redirect_to
+    except Exception as e:
+        current_app.logger.error("Failure during accepting login request. Redirecting to logout, hopefully to wipe cookies")
+        current_app.logger.error(e)
+        return redirect("logout")
 
     return redirect(redirect_to)
 
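Review bot: The new `except Exception` around `accept_login_request` treats every failure as a cookie conflict, so a Hydra outage, a timeout or a programming error inside the `try` also sends the user to logout, and the real cause survives only as a log line. The subject says this is meant for conflicts, so it would be safer to catch only the client's API exception and re-raise anything that is not the conflict status, e.g. `except ApiException as e:` followed by `if e.status != 409: raise` (this assumes the generated Hydra client exposes `ApiException` with a `status` field and that 409 is the status seen here; confirm both). The two `logger.error` calls can be a single `current_app.logger.exception("Failure during accepting login request; redirecting to logout")`, which keeps the traceback for whoever has to diagnose it. `redirect("logout")` is a relative URL and resolves against the current request path, so building the target with `url_for` on the logout view would be more robust. `auth()` starts above this hunk, so whether `challenge` and `identity` are validated earlier cannot be checked from here.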
-- 
GitLab