From b27483de9c082eaca77976cc3c6d951c2301481a Mon Sep 17 00:00:00 2001
From: Nick O'Leary <nick.oleary@gmail.com>
Date: Wed, 8 May 2024 15:09:51 +0100
Subject: [PATCH] Avoid login loops when autoLogin enabled but login fails
 Fixes #4363

---
 .../node_modules/@node-red/editor-api/lib/auth/index.js    | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/packages/node_modules/@node-red/editor-api/lib/auth/index.js b/packages/node_modules/@node-red/editor-api/lib/auth/index.js
index eefdd85e0..e39e972db 100644
--- a/packages/node_modules/@node-red/editor-api/lib/auth/index.js
+++ b/packages/node_modules/@node-red/editor-api/lib/auth/index.js
@@ -205,9 +205,10 @@ function genericStrategy(adminApp,strategy) {
     passport.use(new strategy.strategy(options, verify));
 
     adminApp.get('/auth/strategy',
-        passport.authenticate(strategy.name, {session:false,
+        passport.authenticate(strategy.name, {
+            session:false,
             failureMessage: true,
-            failureRedirect: settings.httpAdminRoot
+            failureRedirect: settings.httpAdminRoot + '?session_message=Login Failed'
         }),
         completeGenerateStrategyAuth,
         handleStrategyError
@@ -221,7 +222,7 @@ function genericStrategy(adminApp,strategy) {
         passport.authenticate(strategy.name, {
             session:false,
             failureMessage: true,
-            failureRedirect: settings.httpAdminRoot
+            failureRedirect: settings.httpAdminRoot + '?session_message=Login Failed'
         }),
         completeGenerateStrategyAuth,
         handleStrategyError