neuron-technologies/neuron-web
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix magic-link sign-in: implicit flow + redirect to /account #138

Merged
will.anderson merged 1 commits from fix/magic-link-flow into dev 2026-05-12 19:33:07 +00:00
Conversation 0 Commits 1 Files Changed 1
+5 -2
will.anderson commented 2026-05-12 19:32:50 +00:00
Owner
Copy Link
Copy Source

The 'Continue with email' button on /account was broken for sign-in:

  1. PKCE/implicit mismatchaccount-auth.el used flowType: 'pkce', but account-dashboard.el uses 'implicit'. After clicking the magic link, the dashboard client couldn't exchange the PKCE code, so sign-in silently failed.

  2. Wrong redirect — No emailRedirectTo was set, so the link landed on the site homepage instead of /account.

Both fixed: match implicit flow, add emailRedirectTo: origin + '/account'.

The 'Continue with email' button on /account was broken for sign-in: 1. **PKCE/implicit mismatch** — `account-auth.el` used `flowType: 'pkce'`, but `account-dashboard.el` uses `'implicit'`. After clicking the magic link, the dashboard client couldn't exchange the PKCE code, so sign-in silently failed. 2. **Wrong redirect** — No `emailRedirectTo` was set, so the link landed on the site homepage instead of `/account`. Both fixed: match implicit flow, add `emailRedirectTo: origin + '/account'`.
will.anderson added 1 commit 2026-05-12 19:32:53 +00:00
Fix magic-link sign-in: implicit flow + redirect to /account
Dev — Build & local smoke test / build-smoke (pull_request) Successful in 1m42s
Details
b6aecd7d89 
account-auth.el was using flowType:'pkce' while account-dashboard.el
uses 'implicit'. After the OTP redirect, the dashboard's implicit
client couldn't exchange the PKCE code — so the sign-in silently
failed. Fix: match implicit flow across both clients.

Also adds emailRedirectTo so the link lands on /account instead of
the site root.
will.anderson merged commit 708dfd06cb into dev 2026-05-12 19:33:07 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No labels
Milestone
No items
No Milestone
Projects
Clear projects
No projects
Assignees
Clear assignees
tim.lingo (Tim Lingo) will.anderson (Will Anderson)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: neuron-technologies/neuron-web#138
Delete Branch "fix/magic-link-flow"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?