Wipe cookies on conflict during login

9b8e539a · Mart van Santen · efe8ff75 · 9b8e539a
Commit 9b8e539a authored 2 years ago by Mart van Santen
--- a/backend/web/login/login.py
+++ b/backend/web/login/login.py
@@ -228,15 +228,21 @@ def auth():
    # Authorize the user
    # False positive: pylint: disable=no-member
-    redirect_to = hydra_admin_api.accept_login_request(
-        challenge,
+    try:
-        accept_login_request=AcceptLoginRequest(
+        redirect_to = hydra_admin_api.accept_login_request(
-            identity.id,
+            challenge,
-            remember=True,
+            accept_login_request=AcceptLoginRequest(
-            # Remember session for 7d
+                identity.id,
-            remember_for=60 * 60 * 24 * 7,
+                remember=True,
-        )
+                # Remember session for 7d
-    ).redirect_to
+                remember_for=60 * 60 * 24 * 7,
+            )
+        ).redirect_to
+    except Exception as e:
+        current_app.logger.error("Failure during accepting login request. Redirecting to logout, hopefully to wipe cookies")
+        current_app.logger.error(e)
+        return redirect("logout")
    return redirect(redirect_to)