User Request
Type: bug
Target: Console Application
Submitted by: @aaradhychinche-alt
Console Request ID: 65eb7ef5-4304-400c-9efb-e5c65ac0953e
Description
What happened:
OAuth state is stored only in memory. If the backend restarts during login, the callback fails due to missing state.
What I expected:
OAuth state should persist across restarts or be handled gracefully.
Steps to reproduce:
- Start OAuth login.
- Before completing GitHub consent, restart backend.
- Complete login.
- Observe failure due to CSRF/state validation.
Relevant area:
Auth handler (pkg/api/handlers/auth.go)
Suggested improvement:
Persist OAuth state or implement retry-safe flow.
Impact:
Medium. Breaks login flow in real-world restart scenarios.
This issue was automatically created from the KubeStellar Console.
User Request
Type: bug
Target: Console Application
Submitted by: @aaradhychinche-alt
Console Request ID: 65eb7ef5-4304-400c-9efb-e5c65ac0953e
Description
What happened:
OAuth state is stored only in memory. If the backend restarts during login, the callback fails due to missing state.
What I expected:
OAuth state should persist across restarts or be handled gracefully.
Steps to reproduce:
Relevant area:
Auth handler (pkg/api/handlers/auth.go)
Suggested improvement:
Persist OAuth state or implement retry-safe flow.
Impact:
Medium. Breaks login flow in real-world restart scenarios.
This issue was automatically created from the KubeStellar Console.