Skip to content

Commit 32c2bdf

Browse files
committed
fix(webapp): also clear stale auth errors stored by the previous session format
Sessions written before the flash fix stored auth:error with session.set, which get() does not auto-clear. Unset it explicitly after reading so those sessions heal on their next visit instead of carrying the stale error until the cookie expires.
1 parent fbdedf7 commit 32c2bdf

2 files changed

Lines changed: 8 additions & 0 deletions

File tree

apps/webapp/app/routes/login._index/route.tsx

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -121,6 +121,11 @@ export async function loader({ request }: LoaderFunctionArgs) {
121121
// attempts look like they failed.
122122
const userSession = await getUserSession(request);
123123
const error = userSession.get("auth:error");
124+
// get() only auto-clears flash-stored values. Sessions written before this
125+
// fix stored the error with set(), which survives get() + commit — unset it
126+
// explicitly so those sessions heal too instead of showing the stale error
127+
// until the cookie's one-year maxAge runs out.
128+
userSession.unset("auth:error");
124129

125130
let authError: string | undefined;
126131
if (error) {

apps/webapp/app/routes/login.magic/route.tsx

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -91,6 +91,9 @@ export async function loader({ request }: LoaderFunctionArgs) {
9191
}
9292

9393
const error = session.get("auth:error");
94+
// Same migration hygiene as /login: pre-fix sessions stored this with
95+
// set(), which get() doesn't clear — unset so the commit below removes it.
96+
session.unset("auth:error");
9497

9598
const redirectTo = sanitized === "/" ? null : sanitized;
9699
const headers = new Headers();

0 commit comments

Comments
 (0)