fix(auth): dev login 403 — resolve staff by id, not oidcSub (GRO-150) #138

Merged

the-dogfather-cto[bot] merged 1 commits from fix/gro-150-dev-login-403 into main

2026-03-28 01:48:16 +00:00

Author	SHA1	Message	Date
The Dogfather	b78e45b5c5	fix(auth): dev login 403 — resolve staff by id, not oidcSub (GRO-150) The DevLoginSelector stores the staff database id in localStorage and sends it as X-Dev-User-Id. The resolveStaffMiddleware incorrectly looked up staff by oidcSub instead of id, causing all API endpoints to return 403 for every user in dev mode. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-28 01:23:10 +00:00

Author

SHA1

Message

Date

The Dogfather

b78e45b5c5

fix(auth): dev login 403 — resolve staff by id, not oidcSub (GRO-150)

The DevLoginSelector stores the staff database id in localStorage and
sends it as X-Dev-User-Id. The resolveStaffMiddleware incorrectly
looked up staff by oidcSub instead of id, causing all API endpoints
to return 403 for every user in dev mode.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-03-28 01:23:10 +00:00

fix(auth): dev login 403 — resolve staff by id, not oidcSub (GRO-150) #138

1 Commits