audiobookshelf/server
Alex Cortelyou b37cc9e4ce Fix OIDC callback dead-ending on "No session"
When the express-session holding the OIDC transaction is missing at
/auth/openid/callback (e.g. the in-memory session store was cleared by a
server restart, or the callback page was reloaded), the server returned a
bare 400 "No session" white screen and the flow could not recover until the
user manually cleared their cookies.

Instead, destroy the stale session and clear the connect.sid cookie so the
next attempt starts clean, then redirect web clients back to /login to
restart the flow. Mobile/API clients (identified by the client-supplied
code_verifier) still receive the 400 status they expect.
2026-07-02 20:57:30 -07:00
..
auth Add unique UUID to access and refresh tokens 2026-05-21 17:08:39 -07:00
controllers Enhance PodcastController to handle enclosure updates, allowing for null values and object structure validation for enclosure properties. 2026-06-18 12:39:50 +03:00
finders Improved subtitle parsing to account for bare colon in title 2026-02-06 14:31:09 -05:00
libs Add fuse.basic.min.js in libs instead of full npm package, use lower threshold for quick matching 2025-06-13 17:23:24 -05:00
managers fix: set correct Content-Type for RSS feed audio files 2026-05-02 22:13:35 -04:00
migrations Rename migration to v2.35.0 & merge master 2026-04-30 16:08:24 -05:00
models Update Sequelize where query for User username/email case insensitive 2026-05-28 14:49:49 -05:00
objects Fix android device sdkVersion not handling it using number type, causing android session device names to show as iOS 2026-05-15 13:13:14 -05:00
providers Fix server crash on audible match #4931 2025-12-23 16:44:29 -06:00
routers Fix item_removed payload to include libraryId 2026-03-31 22:02:52 +03:00
scanner Cleanup abmetadata file parsing & fix server crash #5268 #4287 #5142 2026-05-27 17:33:14 -05:00
utils Fix typo on onTest notification body 2026-05-30 15:43:50 -05:00
Auth.js Fix OIDC callback dead-ending on "No session" 2026-07-02 20:57:30 -07:00
Database.js Update API Keys to be tied to a user, add apikey lru-cache, handle deactivating expired keys 2025-06-30 14:53:11 -05:00
Logger.js Simplify log level determination 2025-03-08 12:46:36 -07:00
Server.js Server.js: Let next.js handle file uploads through internal-api routes 2026-06-23 14:08:16 +03:00
SocketAuthority.js Update socket events to check client is admin & validate log level 2026-05-12 16:57:28 -05:00
Watcher.js Add: generic function to ignor files 2025-02-22 12:28:51 -07:00