diff --git a/app/signin/page.tsx b/app/signin/page.tsx
index c093b02..6b50f65 100644
--- a/app/signin/page.tsx
+++ b/app/signin/page.tsx
@@ -9,75 +9,68 @@ export default function SignIn() {
 const router = useRouter();
 const searchParams = useSearchParams();
 const [initializationStatus, setInitializationStatus] = useState(null);
+ const [isLoggingIn, setIsLoggingIn] = useState(false);
 const hasAttemptedLogin = useRef(false);
- const isLogoutRedirect = useRef(false);
+
+ // Check URL parameters for logout flag
+ const logoutParam = searchParams.get('logout');
+ const isLogoutRedirect = logoutParam === 'true';
- // Check if we should force login prompt (after logout)
+ // Debug logging
 useEffect(() => {
- // Check for server-side cookie that marks logout
- const forceLoginCookie = document.cookie
- .split(';')
- .find(c => c.trim().startsWith('force_login_prompt='));
-
- // Check URL parameters for logout flag
- const logoutParam = searchParams.get('logout');
-
- // If logout occurred, mark it and prevent auto-login
- if (forceLoginCookie || logoutParam === 'true') {
- isLogoutRedirect.current = true;
-
- // Clear OAuth parameters from URL if present
- const url = new URL(window.location.href);
- const hasOAuthParams = url.searchParams.has('code') ||
- url.searchParams.has('state') ||
- url.searchParams.has('error');
-
- if (hasOAuthParams) {
- url.searchParams.delete('code');
- url.searchParams.delete('state');
- url.searchParams.delete('error');
- url.searchParams.delete('error_description');
- url.searchParams.set('logout', 'true');
- window.history.replaceState({}, '', url.toString());
- }
-
- // Don't auto-trigger login after logout
- return;
- }
- }, [searchParams]);
+ console.log('[SignIn] Status:', status, 'Session:', !!session, 'Logout redirect:', isLogoutRedirect, 'Has attempted:', hasAttemptedLogin.current);
+ }, [status, session, isLogoutRedirect]);
+ // Clear stale force_login_prompt cookie on mount (it should only last 5 minutes)
+ useEffect(() => {
+ // If not a logout redirect, clear any stale force_login_prompt cookie
+ if (!isLogoutRedirect) {
+ const forceLoginCookie = document.cookie
+ .split(';')
+ .find(c => c.trim().startsWith('force_login_prompt='));
+
+ if (forceLoginCookie) {
+ console.log('[SignIn] Clearing stale force_login_prompt cookie');
+ document.cookie = 'force_login_prompt=; path=/; expires=Thu, 01 Jan 1970 00:00:00 UTC';
+ }
+ }
+ }, [isLogoutRedirect]);
+
+ // Handle authentication redirect
 useEffect(() => {
 // If user is already authenticated, redirect to home
 if (status === "authenticated" && session?.user) {
+ console.log('[SignIn] User authenticated, redirecting to home');
 router.push("/");
 return;
 }
- // Don't auto-login if this is a logout redirect or we've already attempted login
- if (isLogoutRedirect.current || hasAttemptedLogin.current) {
+ // Don't auto-login if this is a logout redirect
+ if (isLogoutRedirect) {
+ console.log('[SignIn] Logout redirect detected, showing login button');
 return;
 }
- // Don't auto-login if status is still loading (might be processing OAuth callback)
+ // Don't auto-login if we've already attempted or are currently logging in
+ if (hasAttemptedLogin.current || isLoggingIn) {
+ return;
+ }
+
+ // Don't auto-login if status is still loading
 if (status === "loading") {
 return;
 }
 // Auto-login for new users (SSO natural flow)
- // Only if not authenticated and not from logout
 if (status === "unauthenticated") {
+ console.log('[SignIn] Status is unauthenticated, triggering Keycloak login');
 hasAttemptedLogin.current = true;
- // Small delay to ensure we're not in a logout redirect flow
- const timer = setTimeout(() => {
- if (status === "unauthenticated" && !isLogoutRedirect.current) {
- // Trigger Keycloak sign-in (SSO will work naturally)
- signIn("keycloak", { callbackUrl: "/" });
- }
- }, 1000);
+ setIsLoggingIn(true);
- return () => clearTimeout(timer);
+ // Trigger Keycloak sign-in immediately
+ signIn("keycloak", { callbackUrl: "/" });
 }
- }, [status, session, router]);
+ }, [status, session, router, isLogoutRedirect, isLoggingIn]);
 useEffect(() => {
 if (session?.user) {
@@ -113,10 +106,6 @@ export default function SignIn() {
 }
 }, [session]);
- // Show logout message if coming from logout
- const showLogoutMessage = isLogoutRedirect.current ||
- searchParams.get('logout') === 'true';
-
 return (
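Review bot: The logout guard in the first hunk now rests only on the `logout=true` query parameter, and the new mount effect deletes `force_login_prompt` whenever that parameter is absent, so a reload, bookmark or plain link to `/signin` shortly after a logout goes straight to `signIn("keycloak", ...)`. If the Keycloak SSO session is still alive at that point (not visible here), the user is signed back in without a prompt, which matters on shared machines. Consider still honouring the cookie in the auto-login effect and letting it expire on its own instead of clearing it, e.g. `if (document.cookie.split(';').some(c => c.trim().startsWith('force_login_prompt='))) return;` placed before `setIsLoggingIn(true)`. If the server sets that cookie HttpOnly, `document.cookie` can neither read nor clear it, so the comment on the effect should state which side owns the cookie. SignIn's body starts and ends outside the hunk.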

- {showLogoutMessage + {isLogoutRedirect ? "Vous avez été déconnecté avec succès. Veuillez vous reconnecter." : initializationStatus === "initializing" ? "Initialisation de votre espace..." @@ -138,28 +127,22 @@ export default function SignIn() { ? "Initialisation réussie, redirection..." : initializationStatus === "failed" ? "Échec de l'initialisation. Veuillez réessayer." + : isLoggingIn + ? "Connexion à Keycloak en cours..." + : status === "loading" + ? "Chargement..." : "Redirection vers la page de connexion..."}

- {showLogoutMessage && ( + + {/* Show login button after logout OR if auto-login failed */} + {(isLogoutRedirect || (status === "unauthenticated" && hasAttemptedLogin.current && !isLoggingIn)) && (
)} - {initializationStatus === "initializing" && ( + + {(initializationStatus === "initializing" || isLoggingIn || status === "loading") && (
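Review bot: The fallback condition `status === "unauthenticated" && hasAttemptedLogin.current && !isLoggingIn` looks unreachable, because the first hunk sets `isLoggingIn` to true before calling `signIn` and no visible line sets it back, and a ref read during render does not cause a re-render. If `signIn` rejects, the page would likely keep the spinner, and if the provider returns with an error the remounted page would start another redirect; neither path shows the button. Reset the flag on failure, e.g. `signIn("keycloak", { callbackUrl: "/" }).catch(() => setIsLoggingIn(false));`, and skip auto-login when `searchParams.get('error')` is set. The JSX around this condition is not fully visible in the hunk.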
diff --git a/next.config.js b/next.config.js
index d48bee4..2dba98c 100644
--- a/next.config.js
+++ b/next.config.js
@@ -1,5 +1,10 @@
 /** @type {import('next').NextConfig} */
 const nextConfig = {
+ // Allow cross-origin requests from the reverse proxy domain
+ allowedDevOrigins: [
+ 'hub.slm-lab.net',
+ 'https://hub.slm-lab.net',
+ ],
 webpack: (config, { isServer }) => {
 // Handle node: protocol imports
 if (!isServer) {
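Review bot: The `'https://hub.slm-lab.net'` entry probably never matches, since `allowedDevOrigins` takes host names or wildcard patterns (as the first entry does) rather than full URLs; drop it or confirm against the Next.js version in use. The option only applies to the development server, so the comment should say so, e.g. `// Dev server only: extra origins allowed to request dev resources; no effect on production builds`. If hub.slm-lab.net is a publicly reachable proxy in front of a dev server, that exposure deserves its own review, because the dev server is not hardened for untrusted traffic. The config object continues outside the hunk.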