groombook/app
Archived
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(gro-56): guard dev login page behind import.meta.env.DEV

Browse Source 
The DevLoginSelector page (including the "Continue as default dev user"
button) was rendering in production when AUTH_DISABLED=true. This guards
the /login route so the page only renders in Vite development mode
(import.meta.env.DEV). Also removes the skip-login button entirely since
it bypassed user selection without any identity assertion.

- Guard /login route with import.meta.env.DEV in App.tsx
- Remove skipLogin button from DevLoginSelector.tsx
- Add vite/client types to web tsconfig
- Remove corresponding e2e test

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Flea Flicker
2026-03-27 01:10:34 +00:00
parent eeda5099be
commit cd5feb1a14
4 changed files with 4 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/e2e/tests/login.spec.ts
-8
View File
@@ -55,14 +55,6 @@ test.describe("DevLoginSelector", () => {
expect(JSON.parse(devUser!)).toMatchObject({ type: "client", id: "client-1", name: "Carol Client" });
});
test("skip login removes dev-user and navigates to /admin", async ({ page }) => {
await page.goto("/login");
await page.getByText("Continue as default dev user").click();
await expect(page).toHaveURL("/admin");
const devUser = await page.evaluate(() => localStorage.getItem("dev-user"));
expect(devUser).toBeNull();
});
test("no users available shows empty sections", async ({ page }) => {
await page.route("**/api/dev/users", (route) =>
route.fulfill({ json: { staff: [], clients: [] } })