tududi/backend
Chris ca77222eae
fix: resolve OIDC session loss and migration failures (#1023)
* fix: resolve OIDC session loss and migration failures

This commit fixes three critical issues affecting OIDC/SSO authentication:

1. Session Not Saved Before Redirect
   - Added explicit req.session.save() callback in OIDC callback handler
   - Ensures session is persisted before redirecting to /today
   - Prevents 401 errors after successful SSO authentication

2. Migration Resilience
   - Added DROP TABLE IF EXISTS users_new in migration
   - Prevents "table already exists" errors from failed migrations
   - Created cleanup script for orphaned migration tables

3. Trust Proxy Documentation
   - Documented TUDUDI_TRUST_PROXY requirement for reverse proxy deployments
   - Added troubleshooting guide for session loss issues
   - Updated .env.example with OIDC configuration examples

Fixes session loss when deployed behind reverse proxies (nginx, Traefik, etc.)

Changes:
- backend/modules/oidc/controller.js: Add session.save() before redirect
- backend/migrations/20260420000004-make-password-optional.js: Add DROP TABLE IF EXISTS
- backend/scripts/cleanup-failed-migration.js: New cleanup utility
- backend/.env.example: Add OIDC and trust proxy examples
- docs/10-oidc-sso.md: Add trust proxy configuration and troubleshooting
- docs/feature-plans/00-oidc-sso.md: Document required environment variables

* fix: prettier formatting in cleanup script
2026-04-14 07:53:55 +03:00
cmd Fix isEmail validation failure on valid emails during Docker setup (#835) 2026-02-11 15:42:11 +02:00
config Setup infra for reverse proxy (#831) 2026-02-10 20:22:51 +02:00
docs/swagger Update swagger (#906) 2026-03-04 18:47:48 +02:00
middleware fix: exempt public unauthenticated endpoints from CSRF protection 2026-04-13 13:05:33 +03:00
migrations fix: resolve OIDC session loss and migration failures (#1023) 2026-04-14 07:53:55 +03:00
models fix: prevent task name truncation when creating from inbox (#1020) 2026-04-13 23:14:52 +03:00
modules fix: resolve OIDC session loss and migration failures (#1023) 2026-04-14 07:53:55 +03:00
scripts fix: resolve OIDC session loss and migration failures (#1023) 2026-04-14 07:53:55 +03:00
seeders Fix bug 366 (#764) 2026-01-07 18:18:07 +02:00
services Fix bug 366 (#764) 2026-01-07 18:18:07 +02:00
shared Fix bug 366 (#764) 2026-01-07 18:18:07 +02:00
tests fix: resolve OIDC authentication error with existing identities (#1021) 2026-04-14 00:11:32 +03:00
utils feat: Add OIDC/SSO authentication support (#1008) 2026-04-13 12:17:35 +03:00
.env.example fix: resolve OIDC session loss and migration failures (#1023) 2026-04-14 07:53:55 +03:00
.env.test Feat: habits (#707) 2025-12-13 08:47:52 +02:00
.prettierignore Add 'dist' paths to git & prettier ignore. 2025-07-22 11:45:14 +03:00
.prettierrc.json Linting cleanup (#99) 2025-07-01 11:40:09 +03:00
.sequelizerc Express migration (#80) 2025-06-16 21:50:44 +03:00
app.js fix: add COOKIE_SECURE environment variable to control cookie security 2026-04-13 13:22:09 +03:00
database.sqlite Fix bug 619 (#629) 2025-12-02 18:00:36 +02:00
eslint.config.js Sorting fixes (#174) 2025-07-17 17:43:56 +03:00
jest.config.js Fix E2E test breakage (#380) 2025-10-05 16:04:46 +03:00