-
Notifications
You must be signed in to change notification settings - Fork 433
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Apple Provider Regenerates the Session #1181
Comments
Unless an application uses a username, you could still prompt the user after the callback to a form where they can fill in their name. Basically like openai. This is huge in terms of not dealing with apple's shenanigans. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The current implementation uses Apples
response_mode=form_post
option in order to support scopes.This causes Laravel to loose the session when Apple hits the callback …
Also you have to mess with CSRF token protection because it's not a GET request.
There's a lot of trouble you can run into when using the Apple provider …
E.g. here's an existing discussion: #1145
Please review my workaround with detailed explanation here:
https://laracasts.com/discuss/channels/laravel/apple-login-with-socialite-clears-my-cart-session?page=1&replyId=930481
I'm not sure what would be the best way moving forward.
I don't think this can be fixed without a breaking change.
Maybe provide an opt-in solution + docs …?
The text was updated successfully, but these errors were encountered: