on first try of the day, app sometimes does not complete sign-in flow #20
Description
This has been hard to reproduce consistently. It seems to happen only when the app hasn't been run locally for awhile.
To (try to) reproduce:
- type in your target repo name
- hit enter to submit the form
The unexpected behavior:
App contact GH auth page, is successfully redirected with state and code in the query string, but state in qs doesn't match state stored locally so app doesn't proceed with auth flow.
Things I haven't had a chance to observe yet:
When does this new, unmatching state token get created and stored? Does it happen before the app hits GH auth endpoint? Or does it happen after the user is redirected back to the app URL?