feat(navigation): persist last-port for next-login + root → /dashboard
Login routing previously always landed at the user's first port-role.
With a multi-port operator (super-admins, multi-tenant ops) the active
port reverted on every login, breaking the "I was working in X
yesterday" continuity.
- PortProvider PATCHes `/api/v1/me` with `preferences.defaultPortId =
currentPort.id` whenever the active port changes (URL or explicit
switch). Ref-keyed dedupe; fire-and-forget so navigation isn't
blocked by a transient PATCH failure.
- UserMenu's port-switcher also writes the preference on click so the
preference is captured even for users who never re-render through
PortProvider.
- /dashboard resolver checks `preferences.defaultPortId` first, falling
back to first-port-by-name (super-admin) or first-role (everyone
else). The preference is verified against current access before being
honoured — a stale id from a revoked role or archived port can't
strand the user on a 403.
- Add /src/app/page.tsx that redirects `/` → `/dashboard` so the
middleware's `redirect=/` post-login parameter doesn't dump users on
an empty 404. The existing /dashboard handler then routes them on to
their resolved port.
- UserMenu sign-out: replace `router.push('/api/auth/sign-out')` (which
issued a GET against better-auth's POST-only endpoint, causing Safari
and Comet/Arc to land the JSON response as a `sign_out` download)
with `signOut()` from the auth client + an explicit redirect.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -19,6 +19,8 @@ import { LogOut, Settings, Bell, Check, Building2 } from 'lucide-react';
|
||||
import { type ReactNode } from 'react';
|
||||
|
||||
import { useUIStore } from '@/stores/ui-store';
|
||||
import { signOut } from '@/lib/auth/client';
|
||||
import { apiFetch } from '@/lib/api/client';
|
||||
import {
|
||||
DropdownMenu,
|
||||
DropdownMenuContent,
|
||||
@@ -61,6 +63,16 @@ export function UserMenu({ trigger, align = 'end', user, ports }: UserMenuProps)
|
||||
// All cached queries are port-scoped - invalidate so they refetch with
|
||||
// the new X-Port-Id header.
|
||||
queryClient.invalidateQueries();
|
||||
// Remember the choice so the next login lands here automatically.
|
||||
// Fire-and-forget — failure shouldn't block the navigation, and any
|
||||
// stale value is harmless (the post-login resolver verifies access
|
||||
// before honouring it).
|
||||
void apiFetch('/api/v1/me', {
|
||||
method: 'PATCH',
|
||||
body: { preferences: { defaultPortId: port.id } },
|
||||
}).catch(() => {
|
||||
/* silent — best-effort */
|
||||
});
|
||||
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
||||
router.push(`/${port.slug}/dashboard` as any);
|
||||
}
|
||||
@@ -122,7 +134,16 @@ export function UserMenu({ trigger, align = 'end', user, ports }: UserMenuProps)
|
||||
<DropdownMenuSeparator />
|
||||
<DropdownMenuItem
|
||||
className="text-destructive focus:text-destructive"
|
||||
onClick={() => router.push('/api/auth/sign-out')}
|
||||
// `router.push` to /api/auth/sign-out issued a GET against
|
||||
// better-auth's POST-only endpoint. Safari (and other browsers
|
||||
// serving JSON without a matching renderer) treat that as a
|
||||
// file download — the response landed on disk as a `sign_out`
|
||||
// file instead of signing the user out. Call the auth client
|
||||
// directly to issue a proper POST, then redirect to /login.
|
||||
onClick={async () => {
|
||||
await signOut();
|
||||
router.push('/login');
|
||||
}}
|
||||
>
|
||||
<LogOut className="w-4 h-4 mr-2" aria-hidden />
|
||||
Sign Out
|
||||
|
||||
Reference in New Issue
Block a user