Update:Openid auth endpoint sets the mobile flag on session to be use…

…d in the callback

Co-authored-by: Denis Arnst <[email protected]>

server/Auth.js

@@ -187,15 +187,15 @@ class Auth {
    * @param {import('express').Response} res
    */
   paramsToCookies(req, res) {
-    if (req.query.isRest?.toLowerCase() == "true") {
+    if (req.query.isRest?.toLowerCase() == 'true') {
       // store the isRest flag to the is_rest cookie 
       res.cookie('is_rest', req.query.isRest.toLowerCase(), {
         maxAge: 120000, // 2 min
         httpOnly: true
       })
     } else {
       // no isRest-flag set -> set is_rest cookie to false
-      res.cookie('is_rest', "false", {
+      res.cookie('is_rest', 'false', {
         maxAge: 120000, // 2 min
         httpOnly: true
       })
@@ -323,7 +323,8 @@ class Auth {
 
         req.session[sessionKey] = {
           ...req.session[sessionKey],
-          ...pick(params, 'nonce', 'state', 'max_age', 'response_type')
+          ...pick(params, 'nonce', 'state', 'max_age', 'response_type'),
+          mobile: req.query.isRest?.toLowerCase() === 'true' // Used in the abs callback later
         }
 
         // Now get the URL to direct to