mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 18:18:55 +00:00
4ba3cedf37
The client authentication had previously been using liveview and passing params around using URL query params. One of the issues with using liveview for this task was that there edge case issues on certain clients with the websocket connection. Along with that, to have even more security during the login process, the query param values that were passed after the client was authenticated have been moved to an HTTP cookie with very strict flags set. The deep link redirection now uses a new HTTP endpoint that returns a 302 with the deep link as the location, which is triggered using a `<meta http-equiv="refresh">` tag on the client.