fix(auth): prevent anonymous session creation on auth pages
Avoid bootstrapping anonymous sessions when users are on sign-in or sign-up pages to prevent overwriting account-scoped preferences after login. Adjust loading logic to account for this scenario.
This commit is contained in:
parent
335b78b435
commit
d581df6f88
1 changed files with 12 additions and 1 deletions
|
|
@ -148,6 +148,17 @@ export function AuthLoader({ children }: { children: ReactNode }) {
|
|||
return;
|
||||
}
|
||||
|
||||
// Don't bootstrap a throwaway anonymous session while the user is on the
|
||||
// sign-in / sign-up pages. An anonymous user created here would be linked
|
||||
// into their account on login (onLinkAccount), clobbering account-scoped
|
||||
// preferences such as the changelog "last seen version" and re-showing the
|
||||
// changelog on every fresh login.
|
||||
if (isAuthPage) {
|
||||
setIsAutoLoggingIn(false);
|
||||
setBootstrapError(null);
|
||||
return;
|
||||
}
|
||||
|
||||
// Avoid double-calling anonymous sign-in (e.g. React strict mode).
|
||||
if (attemptedForNullSessionRef.current) return;
|
||||
attemptedForNullSessionRef.current = true;
|
||||
|
|
@ -244,7 +255,7 @@ export function AuthLoader({ children }: { children: ReactNode }) {
|
|||
const shouldBlockForDisallowedAnonymous =
|
||||
!allowAnonymousAuthSessions && Boolean(session?.user?.isAnonymous);
|
||||
const isLoading = (
|
||||
(allowAnonymousAuthSessions && (isPending || isAutoLoggingIn || !session)) ||
|
||||
(allowAnonymousAuthSessions && !isAuthPage && (isPending || isAutoLoggingIn || !session)) ||
|
||||
(!allowAnonymousAuthSessions && !isAuthPage && (
|
||||
isPending || isRedirecting || shouldBlockForProtectedNoSession || shouldBlockForDisallowedAnonymous
|
||||
))
|
||||
|
|
|
|||
Loading…
Reference in a new issue