OAuth2 problems on production
Hey, so I was trying to setup OAuth2 in my webapp so I can login via Discord on it. I used the Auth.js node package and while testing locally it worked fine. I then proceeded to deploy it in railway and added the railway generated domain to the "Redirects URI" in discord app management.
But when I try to login I get a warning message from my browser saying that "The data I'm about to send is not secure" and if I click to ignore it and send it anyway I just get sent back to the login page again. This is shown in the attached video (sorry, its in portuguese, but the warning is translated to the quoted text above).
I then tried setting up a custom domain for the website to see if something changed. I then added the new domain to the discord app management page and initially the error was different, it was a discord error saying that the
redirect_uri was wrong (which it wasn't). I thought it could be discord taking a while to update but no luck still. I then turned off the Cloudflare Proxy in my DNS record and the "The data I'm about to send are not secure" problem came back.
I've spent far too long on this and was wondering if anyone had this kind of problem before and managed to solve it.
Thank you in advance for reading this (:10 Replies
Project ID:
ead0c5c4-15ad-497d-a775-fa3bbebe1d72ead0c5c4-15ad-497d-a775-fa3bbebe1d72
can you send your custom domain?
you are using http
use https
Makes sense why it worked locally. The thing is that the Auth.js package is generating this login page, might have missed some part of the documentation
Thanks!
Couldn't find how to make Auth.js create the links with
https so, since this is just a testing project, I just added a http version of the callback to the list of redirect uri's. It still has that screen saying the data is not secure but that's future me problem
because the data is not secure lmao
back to the documentation you go
Yes, future me is so excited