I am using a reverse proxy to enable ssl on a custom domain. The proxy works fine on the public pages, however when the user attempts to access a login_required directory the login url shifts them over to my appspot domain after sign-in.
Is there a way to keep users on the custom domain?
Here is my login handler:
class OpenIDLoginHandler(webapp.RequestHandler):
def get(self):
domain = self.request.get('domain')
continue_url = self.request.GET.get('continue')
if not continue_url:
continue_url = 'https://my_domain/login_required_directory/'
if domain:
self.redirect(users.create_login_url(dest_url=continue_url,
_auth_domain=None,federated_identity=domain))
else:
login_url = users.create_login_url(dest_url=continue_url,
federated_identity='https://www.google.com/accounts/o8/id')
self.redirect(login_url)
application = webapp.WSGIApplication(
[
('/_ah/login_required', OpenIDLoginHandler)],
debug=True)
def main():
run_wsgi_app(application)
if __name__ == "__main__":
main()
I've tried overriding the destination url in the users.create_login_url call - the function still returns a login_url with the appspot domain as the 'continue' parameter, like this:
"https://appspot_domain/_ah/login_redir?claimid=https://www.google.com/accounts/o8/id&continue=https://appspot_domain"
I attempted simply rewriting the returned login_url and replacing the 'continue' parameter with my custom domain, but this resulted in a 404 error.
Any thoughts?
Thanks in advance!
I'm not sure this is an option for you, but the next release of app engine claims to have support for ssl on custom domains (http://code.google.com/appengine/business/). If your application won't be in production for a while maybe it would just be easier to wait until they officially add support. They appear to be on a ~3 month release cycle (http://code.google.com/appengine/docs/revision_history.html)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With