Jennie Robinson Faber
3ad22a8b67
Clicking the wiki magic-link email was producing SessionNotFound: 'interaction session id cookie not found' from provider.interactionFinished, because that call requires the short-lived _interaction cookie to be present on the request. It isn't, when: - the user clicks the email on a different device or browser - the interaction cookie already expired - the user is in private/incognito browsing Those unhandled errors previously bounced to /coming-soon via the coming-soon middleware, stranding users on the pre-register page. Instead of relying on the interaction cookie at the magic-link step: 1. Verify the JWT, look up the member, set the auth-token cookie. 2. Redirect the user back to https://wiki.ghostguild.org. 3. Outline re-initiates OIDC, which creates a fresh interaction whose cookie IS present on the same request, and [uid].get.ts SSOs the user in via the auth-token cookie we just set. Also swap the createError throws for sendRedirect to /auth/oidc-error so token/member/status failures land on the styled error page rather than Nitro's default unhandled-error response. |
||
|---|---|---|
| .. | ||
| api | ||
| config | ||
| emails | ||
| middleware | ||
| migrations | ||
| models | ||
| plugins | ||
| routes | ||
| utils | ||