From 050d478621de87e3cf271c748fd7315fb8bd0b06 Mon Sep 17 00:00:00 2001 From: "groombook-engineer[bot]" <269742240+groombook-engineer[bot]@users.noreply.github.com> Date: Thu, 14 May 2026 19:25:36 +0000 Subject: [PATCH] fix(GRO-1236): set VITE_API_URL and use /admin as OAuth callback URL (#403) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Two root causes fixed: 1. VITE_API_URL was empty in .env.production, so Better-Auth's client had no baseURL and could not correctly route the OAuth callback. 2. OAuth callbackURL was window.location.origin (root path), causing Better-Auth to redirect to / instead of /admin after login — since unauthenticated users at / are redirected to /login, this created a loop that appeared as 'session not persisting.' With VITE_API_URL=https://uat.groombook.dev and callbackURL=/admin, the callback lands on /admin which renders the admin layout and correctly establishes the session cookie. Co-authored-by: Chris Farhood Co-authored-by: Paperclip --- apps/web/.env.production | 2 +- apps/web/src/App.tsx | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/apps/web/.env.production b/apps/web/.env.production index 292a14c..e201d90 100644 --- a/apps/web/.env.production +++ b/apps/web/.env.production @@ -1 +1 @@ -VITE_API_URL= +VITE_API_URL=https://uat.groombook.dev diff --git a/apps/web/src/App.tsx b/apps/web/src/App.tsx index f7b42c6..3e5e573 100644 --- a/apps/web/src/App.tsx +++ b/apps/web/src/App.tsx @@ -40,7 +40,10 @@ function LoginPage() { const handleSocialLogin = async (provider: string) => { setIsLoading(true); setError(null); - const result = await signIn.social({ provider, callbackURL: window.location.origin }); + // Use /admin as callback URL so Better-Auth redirects to the app's dashboard + // after the OAuth callback completes, rather than back to /login + const callbackURL = `${window.location.origin}/admin`; + const result = await signIn.social({ provider, callbackURL }); if (result?.error) { setError(result.error.message ?? "Sign-in failed"); setIsLoading(false);