Redirects not working as intended

Hi,

Our goal is to make a generic login page that can be put before any app.
The login uses the google login, where you redirect to google select your gmail and then go back to the app and get validated. During the validation we check if the email is *@poki.com and if so we do the signup. Now all of this works perfectly.

Then we started to setup redirects and this is where we got stuck at the moment.
This is the _redirects on our page:

# Redirects from what the browser requests to what we serve
/scripts/login.js /scripts/login.js	200!
/*			    200!	Role=poki
/*	/login	401!

So > if you go to any page and your not logged in, you bounce to login.html which has a script that renders a login button. You click it, log in and google bounces you back to /. The account creation works and it registers the login. I can even see the correct information on the login.html for the user. However it does not redirect to /index.html. Also not if I go directly to /index.html. It keeps on redirecting to /login.html. The weird thing is, if I wait for ~10 minutes and go back to the page it suddenly does work. But then when I logout and login again I experience the same issue.

1 Like

Have been playing around some more with this, but still not able to solve this issue. It seems to me like some sort of caching error.

To clarify a bit further, this is what we would like to achieve:

User is not logged in.

  1. User goes to https://xxxxxxxx.netlify.com/, user is presented with https://xxxxxxxx.netlify.com/login.html (this downloads scripts/login.js, i could inline this script if needed)
  2. User clicks login and goes to external provider Google and select his account
  3. Google directs the user back to https://xxxxxxxx.netlify.com/ which now after being logged in presents the user https://xxxxxxxx.netlify.com/index.html

OK. I think you’d need an enterprise-level account to use this workflow, since JWT’s are an enterprise level feature. You can use some of our Identity service on cheaper plans - but if you do your own JWT validation and try using redirect rules like the one you mention - pretty sure that is an Enterprise-level only feature.

I think you’re only on a pro team, so this makes sense that it wouldn’t work to me.