From 606afdeb1001beff60a7dae64ef3f72d7e53d59e Mon Sep 17 00:00:00 2001 From: Aaron Parecki Date: Thu, 17 Aug 2017 09:13:37 -0700 Subject: [PATCH] redirect with missing session state instead of starting auth again --- controllers/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/controllers/auth.php b/controllers/auth.php index cd4c78e..d90652b 100644 --- a/controllers/auth.php +++ b/controllers/auth.php @@ -131,7 +131,7 @@ $app->get('/auth/callback', function() use($app) { // If there is no state in the session, start the login again if(!array_key_exists('auth_state', $_SESSION)) { - $app->redirect('/auth/start?me='.urlencode($params['me'])); + $app->redirect('/?error=missing_session_state'); return; }