ghostguild-org

jennie/ghostguild-org

Fork 0

History

Jennie Robinson Faber 3ad22a8b67 Some checks failed Test / vitest (push) Failing after 6m13s Details Test / visual (push) Has been skipped Details Test / playwright (push) Has been skipped Details Test / Notify on failure (push) Successful in 3s Details fix(auth): survive missing OIDC interaction cookie on magic-link click Clicking the wiki magic-link email was producing SessionNotFound: 'interaction session id cookie not found' from provider.interactionFinished, because that call requires the short-lived _interaction cookie to be present on the request. It isn't, when: - the user clicks the email on a different device or browser - the interaction cookie already expired - the user is in private/incognito browsing Those unhandled errors previously bounced to /coming-soon via the coming-soon middleware, stranding users on the pre-register page. Instead of relying on the interaction cookie at the magic-link step: 1. Verify the JWT, look up the member, set the auth-token cookie. 2. Redirect the user back to https://wiki.ghostguild.org. 3. Outline re-initiates OIDC, which creates a fresh interaction whose cookie IS present on the same request, and [uid].get.ts SSOs the user in via the auth-token cookie we just set. Also swap the createError throws for sendRedirect to /auth/oidc-error so token/member/status failures land on the styled error page rather than Nitro's default unhandled-error response.	2026-04-15 18:18:33 +01:00
..
interaction	fix(auth): survive missing OIDC interaction cookie on magic-link click	2026-04-15 18:18:33 +01:00
[...].ts	fix(auth): rewire OIDC logout/error flow through Nuxt pages	2026-04-11 23:21:46 +01:00

Jennie Robinson Faber 3ad22a8b67

Test / vitest (push) Failing after 6m13s

Details

Test / visual (push) Has been skipped

Details

Test / playwright (push) Has been skipped

Details

Test / Notify on failure (push) Successful in 3s

Details

fix(auth): survive missing OIDC interaction cookie on magic-link click

Clicking the wiki magic-link email was producing SessionNotFound:
'interaction session id cookie not found' from
provider.interactionFinished, because that call requires the short-lived
_interaction cookie to be present on the request. It isn't, when:

- the user clicks the email on a different device or browser
- the interaction cookie already expired
- the user is in private/incognito browsing

Those unhandled errors previously bounced to /coming-soon via the
coming-soon middleware, stranding users on the pre-register page.

Instead of relying on the interaction cookie at the magic-link step:

1. Verify the JWT, look up the member, set the auth-token cookie.
2. Redirect the user back to https://wiki.ghostguild.org.
3. Outline re-initiates OIDC, which creates a fresh interaction whose
   cookie IS present on the same request, and [uid].get.ts SSOs the user
   in via the auth-token cookie we just set.

Also swap the createError throws for sendRedirect to /auth/oidc-error so
token/member/status failures land on the styled error page rather than
Nitro's default unhandled-error response.

2026-04-15 18:18:33 +01:00

interaction

fix(auth): survive missing OIDC interaction cookie on magic-link click

2026-04-15 18:18:33 +01:00

[...].ts

fix(auth): rewire OIDC logout/error flow through Nuxt pages

2026-04-11 23:21:46 +01:00