Hi,
I have a web application authenticating using auth0.
Once after authentication, I’m opening the app in multiple tabs(where each time it checks it the user has already logged in and opens the page)
suddenly in one of the tabs, I’m getting AuthStateForbidden error and all the tabs loading after are saying the “session value state is missing”.
Could you please help me in resolving this. Below is the error.
File “/app/.heroku/python/lib/python3.9/site-packages/django/core/handlers/exception.py”, line 47, in inner
response = get_response(request)
File “/app/.heroku/python/lib/python3.9/site-packages/django/core/handlers/base.py”, line 181, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File “/app/.heroku/python/lib/python3.9/site-packages/django/views/decorators/cache.py”, line 44, in _wrapped_view_func
response = view_func(request, *args, **kwargs)
File “/app/.heroku/python/lib/python3.9/site-packages/django/views/decorators/csrf.py”, line 54, in wrapped_view
return view_func(*args, **kwargs)
File “/app/.heroku/python/lib/python3.9/site-packages/social_django/utils.py”, line 49, in wrapper
return func(request, backend, *args, **kwargs)
File “/app/.heroku/python/lib/python3.9/site-packages/social_django/views.py”, line 31, in complete
return do_complete(request.backend, _do_login, user=request.user,
File “/app/.heroku/python/lib/python3.9/site-packages/social_core/actions.py”, line 45, in do_complete
user = backend.complete(user=user, *args, **kwargs)
File “/app/.heroku/python/lib/python3.9/site-packages/social_core/backends/base.py”, line 40, in complete
return self.auth_complete(*args, **kwargs)
File “/app/.heroku/python/lib/python3.9/site-packages/social_core/utils.py”, line 248, in wrapper
return func(*args, **kwargs)
File “/app/.heroku/python/lib/python3.9/site-packages/social_core/backends/oauth.py”, line 375, in auth_complete
state = self.validate_state()
File “/app/.heroku/python/lib/python3.9/site-packages/social_core/backends/oauth.py”, line 89, in validate_state
raise AuthStateForbidden(self)