Skip to content

Allow direct navigation to protected routes without requiring sign-in on every visit #1

Description

@mynameistito

Description

Currently, when users try to access a protected route directly (like /dashboard), they get redirected to the main domain root instead of staying on that route. Users have to click the sign-in button every time, and the OAuth callback generates a new unique code on each page refresh (e.g., ?code=XXXXXXXXXXXXXXXXX), which forces re-authentication.

(tested only on the remote opensync.dev site)

Expected behavior

  • Users should be able to navigate directly to any protected route and remain logged in across sessions
  • Authentication tokens should persist properly so refreshing the page doesn't trigger a new sign-in flow
  • After successful authentication, users should be redirected back to the route they originally requested, not the root

Current behavior

  • Direct navigation to protected routes redirects to the main domain root
  • Every page refresh requires clicking sign-in again
  • A new callback code is generated on each visit
  • Users lose their session state on page refresh

Why this matters

This creates friction for regular users and makes it impossible to bookmark or share links to specific dashboard views. It also means re-authenticating happens far more often than it should.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions