Skip to content

Implement logout redirection for reverse proxy setups#36085

Open
eliroca wants to merge 1 commit intogo-gitea:mainfrom
eliroca:logout_redirect_main
Open

Implement logout redirection for reverse proxy setups#36085
eliroca wants to merge 1 commit intogo-gitea:mainfrom
eliroca:logout_redirect_main

Conversation

@eliroca
Copy link
Copy Markdown

@eliroca eliroca commented Dec 4, 2025

When authentication is handled externally by a reverse proxy or SSO provider, users can be redirected to an external logout URL or relative path defined on the reverse proxy.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Dec 4, 2025
@github-actions github-actions bot added modifies/go Pull requests that update Go code modifies/templates This PR modifies the template files docs-update-needed The document needs to be updated synchronously labels Dec 4, 2025
@eliroca eliroca mentioned this pull request Dec 4, 2025
Closed
silverwind
silverwind reviewed Dec 4, 2025
View reviewed changes
silverwind
silverwind reviewed Dec 4, 2025
View reviewed changes
@eliroca eliroca force-pushed the logout_redirect_main branch 4 times, most recently from 63a3a81 to fa7ee5a Compare December 9, 2025 09:33
lunny
lunny reviewed Dec 9, 2025
View reviewed changes
@wxiaoguang
Copy link
Copy Markdown
Contributor

wxiaoguang commented Mar 2, 2026

After Implements OIDC RP-Initiated Logout #36724, you can redirect to anywhere you want, and no need to play with the frontend JS anymore.

@silverwind
Copy link
Copy Markdown
Member

silverwind commented Mar 2, 2026

So we close this?

@wxiaoguang
Copy link
Copy Markdown
Contributor

wxiaoguang commented Mar 2, 2026

So we close this?

Why?

@eliroca
Copy link
Copy Markdown
Author

eliroca commented Mar 3, 2026

So we close this?

I'll rebase and update the patch this week.

@silverwind
Copy link
Copy Markdown
Member

silverwind commented Mar 3, 2026

So we close this?

Why?

Sorry, misread.

@eliroca eliroca force-pushed the logout_redirect_main branch from fa7ee5a to 29ae0fb Compare April 3, 2026 16:53
@github-actions github-actions bot removed the modifies/templates This PR modifies the template files label Apr 3, 2026
@eliroca eliroca changed the title Enable logout redirection for reverse proxy setups Implement logout redirection for reverse proxy setups Apr 3, 2026
wxiaoguang
wxiaoguang reviewed Apr 3, 2026
View reviewed changes
@eliroca eliroca force-pushed the logout_redirect_main branch from 29ae0fb to 6be3cad Compare April 3, 2026 17:04
@eliroca
Copy link
Copy Markdown
Author

eliroca commented Apr 8, 2026

Can this be included in the upcoming 1.26.0 release?

lunny
lunny previously approved these changes Apr 8, 2026
View reviewed changes
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Apr 8, 2026
silverwind
silverwind previously approved these changes Apr 8, 2026
View reviewed changes
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Apr 8, 2026
wxiaoguang
wxiaoguang reviewed Apr 8, 2026
View reviewed changes
@wxiaoguang wxiaoguang marked this pull request as draft April 8, 2026 23:29
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. labels Apr 8, 2026
@GiteaBot GiteaBot added lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Apr 8, 2026
@silverwind silverwind added the backport/v1.26 This PR should be backported to Gitea 1.26 label Apr 9, 2026
@eliroca eliroca force-pushed the logout_redirect_main branch from 6be3cad to 1ef7532 Compare April 9, 2026 14:02
@eliroca eliroca marked this pull request as ready for review April 9, 2026 14:06
@eliroca
Implement logout redirection for reverse proxy setups
d43ec47 
When authentication is handled externally by a reverse proxy,
users can be redirected to an external logout URL or relative path
defined on the reverse proxy.
@eliroca eliroca force-pushed the logout_redirect_main branch from c4881dc to d43ec47 Compare April 9, 2026 14:06
@silverwind
Copy link
Copy Markdown
Member

silverwind commented Apr 9, 2026

Don't force-push to PR branches please.

@eliroca
Copy link
Copy Markdown
Author

eliroca commented Apr 9, 2026

Don't force-push to PR branches please.

Why not? Github is able to handle it and show only what changed between states.

@silverwind
Copy link
Copy Markdown
Member

silverwind commented Apr 9, 2026
edited
Loading

I can't see what has changed since your last commit. It's all just one commit now. It's important for the review to see how feedback was addressed.

We will squash on merge, so there's no reason to prematurely squash on the PR branch.

@eliroca
Copy link
Copy Markdown
Author

eliroca commented Apr 9, 2026

I can't see what has changed since your last commit. It's all just one commit now. It's important for the review to see how feedback was addressed.

We will squash on merge, so there's no reason to prematurely squash on the PR branch.

There is a way to see what changed since last commit, but I get your point, I'll try to keep the force-pushing to a minimum.

image

@silverwind
Copy link
Copy Markdown
Member

silverwind commented Apr 9, 2026

Interesting, I didn't know GitHub had that feature. But yes prefer not to force-push still 😉.

@wxiaoguang
Copy link
Copy Markdown
Contributor

wxiaoguang commented Apr 9, 2026

I can't see what has changed since your last commit. It's all just one commit now. It's important for the review to see how feedback was addressed.
We will squash on merge, so there's no reason to prematurely squash on the PR branch.

There is a way to see what changed since last commit, but I get your point, I'll try to keep the force-pushing to a minimum.

No, it only shows the diff between last force push and previous force push, the more history commits are still lost.

https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md

image

@wxiaoguang
Copy link
Copy Markdown
Contributor

wxiaoguang commented Apr 9, 2026

#36085 (comment)

And, if a user is logged in via non-reverse-proxy-auth, should they also be redirected to the ReverseProxyLogoutRedirect ?

What do you think about this case? For example: on an instance, reverse-proxy-auth is enabled, and a user login via other methods (e.g.: OAuth2 or password form), is it possible?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wxiaoguang wxiaoguang wxiaoguang left review comments

@lunny lunny lunny left review comments

@silverwind silverwind silverwind left review comments

+1 more reviewer

@a1012112796 a1012112796 a1012112796 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

backport/v1.26 This PR should be backported to Gitea 1.26 docs-update-needed The document needs to be updated synchronously lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. modifies/go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@eliroca @wxiaoguang @silverwind @lunny @a1012112796 @GiteaBot