fix(auth): add authentication guard and routing logic#66
Merged
Conversation
Implement AuthGuard component to check authentication state on app load and redirect users appropriately based on setup and authentication status. Changes: - Create AuthContext to provide user, oidcEnabled, and refreshAuth to the app - Create AuthGuard component that checks auth state and redirects: - If setupRequired → redirect to /setup - If not authenticated → redirect to /login - If authenticated → render protected routes - Wrap AppShell routes with AuthGuard in App.tsx - Update SetupPage to check if setup is required on mount and redirect to /login if already complete - Update SetupPage to redirect to /login after successful setup - Update LoginPage to check if already authenticated and redirect to home - Update LoginPage to use navigate() instead of window.location.href - Update ProfilePage to use AuthContext instead of separate getProfile call - Display loading state while auth check is in progress Fixes the issue where users were not redirected to /setup on fresh install. Co-Authored-By: Claude frontend-developer (Opus 4.6) <noreply@anthropic.com>
- Fix App.test.tsx to mock getAuthMe() and handle async auth loading - Fix LoginPage.test.tsx to wrap component in AuthProvider - Fix ProfilePage.test.tsx to mock useAuth() instead of getProfile() - Add AuthGuard.test.tsx (7 tests: loading, redirects, auth states) - Add AuthContext.test.tsx (7 tests: provider, refresh, error handling) Co-Authored-By: Claude qa-integration-tester (Opus 4.6) <noreply@anthropic.com>
Contributor
|
🎉 This PR is included in version 1.7.0-beta.9 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This was referenced Feb 13, 2026
Contributor
|
🎉 This PR is included in version 1.7.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR implements the missing authentication guard that checks auth state on app load and redirects users appropriately. This fixes the issue where users on a fresh install were not presented with the setup screen.
Changes
client/src/contexts/AuthContext.tsx): Providesuser,oidcEnabled,isLoading,error, andrefreshAuth()to all componentsclient/src/components/AuthGuard/AuthGuard.tsx): Guards protected routes by checking auth state and redirecting:setupRequired === true→ redirect to/setupuser === null(not authenticated) → redirect to/loginuser !== null(authenticated) → render protected routes/loginif already complete/loginafter successful setup (instead of showing success message)navigate()for redirect after login instead ofwindow.location.hrefgetProfile()callTesting
All quality gates pass:
npm run lint— 0 errorsnpm run typecheck— all cleannpm run format:check— all cleannpm run build— successnpm audit— 0 vulnerabilitiesExpected Behavior
/setup/login/setupwhen setup is complete: Redirects to/login/loginwhen already authenticated: Redirects to homeGenerated with Claude Code