From 6c6ec3ce8e5f57aeebe1adbd371c44b27290b629 Mon Sep 17 00:00:00 2001
From: Jeremy Fee <jmfee@usgs.gov>
Date: Wed, 28 Apr 2021 13:18:54 -0600
Subject: [PATCH] Use https in redirect url

---
 geomagio/api/secure/login.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/geomagio/api/secure/login.py b/geomagio/api/secure/login.py
index 9da5838a..b4c8f5cd 100644
--- a/geomagio/api/secure/login.py
+++ b/geomagio/api/secure/login.py
@@ -175,6 +175,9 @@ async def authorize(request: Request):
 async def login(request: Request):
     """Redirect to OpenID provider."""
     redirect_uri = request.url_for("authorize")
+    if "127.0.0.1" not in redirect_uri:
+        # 127.0.0.1 used for local dev, all others use https
+        redirect_uri = redirect_uri.replace("http://", "https://")
     # save original location
     if "Referer" in request.headers:
         request.session["after_authorize_redirect"] = request.headers["Referer"]
-- 
GitLab