HTTPS and Facebook login


(Coin-coin le Canapin) #1

Hi,
My Facebook login doesn’t work anymore after switching my Discourse to HTTPS.

The FB login popup URL contains this:

redirect_uri%3Dhttp%253A%252F%252Fmy.website.org%252Fauth%252Ffacebook%252Fcallback

Which is an HTTP link instead of an HTTPS link.
In my Facebook login API settings, I have only https://my.website.org/auth/facebook/callback as my Oauth redirect URL.

Any idea how to fix this?


(Bhanu Sharma) #2

Have You enabled Force HTTPS in DIscourse Settings?


(Coin-coin le Canapin) #3

I didn’t because I believe it would crash my Discourse if any inner link is HTTP… Is a “Force” option a proper solution regarding my issue? Could I fix this by another way?


(Bhanu Sharma) #4

Well, For oAuth to Work, Your site needs to be HTTPS and the issue that server is passing http link instead of https is due to the fact that HTTPS isn’t enabled from Your Discourse.

Try enabling it if that Fixes!

Ps: if Your site is already showing a Green padlock when accessed over ssl then it shouldn’t be much of an issue to force HTTPS.


(Coin-coin le Canapin) #5

Yes it has a beautiful green padlock. Before enabling this option, could this issue com from Apache/Nginx config?


(Bhanu Sharma) #6

As long as You’re using the Officially supported installation method, It can not be from Nginx Side (Discourse doesn’t use apache2)


(Coin-coin le Canapin) #7

Hi again. My sysadmin modified a config file from Nginx and the Facebook login now works perfectly with HTTPS.


(Cosmin Tătaru) #8

Hi @canapin
Can you please ask your admin to provide the changes they made and share them with us.?