Commit 4bf82283 authored by Frédéric Mangano-Tarumi's avatar Frédéric Mangano-Tarumi Committed by Lukas Fleischer
Browse files

SSO: Explain the rationale behind prompt=login



We might reconsider it in the future.
Signed-off-by: Lukas Fleischer's avatarLukas Fleischer <lfleischer@archlinux.org>
parent 8d5244d0
......@@ -28,6 +28,13 @@ oauth.register(
@router.get("/sso/login")
async def login(request: Request):
"""
Redirect the user to the SSO provider’s login page.
We specify prompt=login to force the user to input their credentials even
if they’re already logged on the SSO. This is less practical, but given AUR
has the potential to impact many users, better safe than sorry.
"""
redirect_uri = aurweb.config.get("options", "aur_location") + "/sso/authenticate"
return await oauth.sso.authorize_redirect(request, redirect_uri, prompt="login")
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment