Redirect too many times

lancevalour · December 27, 2019, 10:25pm

I am trying to deploy the Node js example code on Zeit Now, everything works fine if run locally, but it gives me ERR_TOO_MANY_REDIRECTS when I deployed.

Has anyone experienced this issue before? Can anyone shed some light on this? Thank you!

ashish · December 27, 2019, 10:34pm

@lancevalour Welcome to auth0 community.

Without knowing much details it is hard to say what could be going wrong. Could you post HAR file when this error happens? Generate and Analyze HAR Files Remember to remove any confidential info from the HAR such as username/passwords

lancevalour · December 27, 2019, 10:44pm

debug.har (375.5 KB)

ashish · December 28, 2019, 12:44am

Thank you posting the HAR file. Unfortunately it doesn’t help much. Can you provide a reproducible sample? Is it standard Auth0 nodejs quickstart sample or something you built? also are you using auth0 developer keys by any chance for social connections?

lancevalour · December 30, 2019, 5:44pm

I am using the standard nodejs quickstart sample code from here:

I am using email/password connection

lancevalour · December 30, 2019, 6:14pm

Looks like when /callback route is called, it redirects back to /login route, and then auth0 /authorize route, and /callback again causing an infinite loop

lancevalour · December 30, 2019, 7:43pm

Solved this issue.

Need to add app.set("trust proxy", 1);

konrad.sopala · December 31, 2019, 11:33am

Thanks a lot for sharing it with the rest of community!

thatrichvonguy · December 31, 2019, 11:16pm

I had the same issue. In addition to setting the trust proxy I had to set sess.proxy to true. I also implemented the mongoStore (while having a “real session store” is good, it didn’t solve this problem) – this was a painful 48 hours.

The following issues were referenced along my way:

https://github.com/auth0/passport-auth0/issues/70

// config express-session
var sess = {
    secret: config.session_secret,
    cookie: {},
    resave: false,
    saveUninitialized: true,
    store: new MongoStore({ mongooseConnection: mongoose.connection }),
}

if (app.get('env') === 'production') {
    sess.cookie.secure = true
    sess.proxy = true
    app.set('trust proxy', 1)
}

I also added some headers to my nginx config, not sure if they were required in the end, but its working now:

listen 443 ssl;
location / {
    proxy_pass http://localhost:3020;
    proxy_http_version 1.1;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-Host $host:$server_port;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
}

system · January 15, 2020, 11:16pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.