Login/Register
302 redirection error before 200 success code IN FLASK
Asked Answered
pythonflaskjwthttp-status-code-302
T

1

0

I am running an FLASK app where I check the JWT in the index endpoint. The problem was I get 2 response when I execute this end point .

127.0.0.1 - - [06/Dec/2018 17:38:21] "GET / HTTP/1.1" 302 -
127.0.0.1 - - [06/Dec/2018 17:38:21] "GET /home HTTP/1.0" 200 -

My code is 

@app.route('/')
def index():
    try:
        encoded_jwt=request.headers.get('jwt')
        print(encoded_jwt)
        secret = "-----BEGIN PUBLIC KEY----- ........"

        claims = jwt.decode(encoded_jwt, secret)
        print(type(claims))
        import json

        json_parse = json.loads(json.dumps(claims))
        email = json_parse['http://wso2.org/claims/emailaddress']
        print(email)
        roles = json_parse['http://wso2.org/claims/role']
        print(roles)

        session['email'] = email

        if ROLETAGOFADMIN in roles:
            role="admin"

        elif "" in roles:
            role = "employee"

        else:
            role=None

        session['role'] = role

        if 'email' in session and (session['role'] == "admin" or session['role'] == "employee"  )and request.method == "GET":
            if 'lastpage' in session:
                lastpage=session['lastpage']
                print(lastpage)
                session.pop('lastpage')
                return  redirect(lastpage)
            else:
                return redirect(url_for('home'))
        else:
            return "Sorry. Unfortunately You have no access."

    except Exception as e:
        return redirect(url_for('error'))

My Identity server is redirecting because of the first response. I couldn't find the way to fix that. I am not aware of that the error is occurred because of the try catch . Please help me.

Tokyo answered 6/12, 2018 at 12:28 Comment(0)
M
1

You are using Flask's redirect to issue a redirect which is going to send a 302 response to the client with a Location header instructing the client to go to /home instead. Then the client has to issue the request to this new URL where the client finally gets the 200 response code. That is why you are seeing two requests and the 302 and 200 response codes in the server logs.

This particular line is causing the redirect:

return redirect(url_for('home'))

It seems like you expected redirect to simply render the content of /home and return that as the response with the original request to / (e.g. a single 200 response). If that's what you actually want, you could instead use render_template (or whatever you use in /home to render your content) to directly render that page. However, I would recommend keeping the redirect behavior as you have it.

Mariahmariam answered 6/12, 2018 at 12:30 Comment(6)
Is there any way to remove the 302 code from the header because Identity server takes the first response and giving error.Tokyo
Why not just have your index() route just return 'OK!' rather than redirecting to /home?Mariahmariam
After authenticated I should redirect some where ! so I need to redirect.Tokyo
@BalakrishnanSathiyakugan Then there's no way around the 302. What are you using as a client to access this endpoint?Mariahmariam
It's an internal app where from teh button from the internal apps of the company it will check the Identity server of that user and return a request with the header which contains JWT . But when the IS redirects to my app first response it gets was redirect then IS redirects to their end point.Tokyo
Yea so it seems like your flow is a little backwards. The button should probably issue a request to your app, which then internally calls out to the identity server to get the JWT and then redirects the user to the /home page upon success. The identity server isn't going to know what to do with a 302Mariahmariam

© 2022 - 2024 — McMap. All rights reserved.