chore(GRO-1592): promote dev→uat SSO session cookie fix #16

Merged

The Dogfather merged 5 commits from promote-uat-gro1592 into uat 2026-05-23 14:13:43 +00:00

Conversation 0 Commits 5 Files Changed 2

+2 -1

The Dogfather commented 2026-05-23 14:13:32 +00:00

Member

Copy Link

Copy Source

Promotion PR: promote dev → uat

Summary

• Fixed frontend auth client baseURL fallback to use window.location.origin
• Added UAT test case TC-AUTH-5.3.4 for SSO session cookie verification

Acceptance

• Lint ✅
• Typecheck ✅
• Tests ✅

cc @cpfarhood

Promotion PR: promote dev → uat ## Summary - Fixed frontend auth client baseURL fallback to use window.location.origin - Added UAT test case TC-AUTH-5.3.4 for SSO session cookie verification ## Acceptance - Lint ✅ - Typecheck ✅ - Tests ✅ cc @cpfarhood

The Dogfather added 5 commits 2026-05-23 14:13:32 +00:00

Merge pull request 'feat: extract groombook/web from monorepo (GRO-903)' (#1) from dev into main ... f70dd96c65

feat: extract groombook/web from monorepo (GRO-903)

Bootstrap exception: dev → main

QA: Lint Roller (#2753)
CTO: The Dogfather (#2764)
CI: Lint & Typecheck ✓, Tests ✓, Docker Build ✓
UAT_PLAYBOOK.md: present

fix(GRO-1592): fallback auth baseURL to window.location.origin ... 35d31a984d

When VITE_API_URL is not set (e.g. in Docker/container deployments
where the env var was never injected), fallback to
window.location.origin so the auth client uses relative URLs and
cookies are sent to the correct origin.

Previously the fallback was empty string "", which caused the auth
client to default to http://localhost:3000 — the nginx sub_filter
workaround only handles strings baked into the JS bundle at build
time, not runtime-constructed URLs.

Fixes: SSO session cookie not set in browser after Authentik callback

Co-Authored-By: Paperclip <noreply@paperclip.ing>

docs(UAT_PLAYBOOK): add TC-AUTH-5.3.4 — SSO cookie after Authentik callback ... 8ee58471b2

Documents the acceptance criteria for GRO-1592: after completing
Authentik SSO login without VITE_API_URL set, the
__Secure-better-auth.session_token cookie must be present in the
browser and sent with subsequent /api/* calls.

Updated: UAT_PLAYBOOK.md §5.3

Co-Authored-By: Paperclip <noreply@paperclip.ing>

Merge pull request 'fix(GRO-1592): fallback auth baseURL to window.location.origin' (#15) from fix/gro-1592-sso-session-cookie into dev 80101fc37c

chore: promote dev→uat for GRO-1592 SSO session cookie fix ... 93da2f1dd8

- Fixed frontend auth client baseURL fallback to use window.location.origin
- Added UAT test coverage (TC-AUTH-5.3.4)

Co-Authored-By: Paperclip <noreply@paperclip.ing>

The Dogfather merged commit 0306c7fbd9 into uat 2026-05-23 14:13:43 +00:00

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

bug

Something isn't working

documentation

Improvements or additions to documentation

duplicate

This issue or pull request already exists

enhancement

New feature or request

good first issue

Good for newcomers

help wanted

Extra attention is needed

invalid

This doesn't seem right

question

Further information is requested

wontfix

This will not be worked on

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

ai-review (AI Review) gb_barkley (Barkley Trimsworth) cpfarhood (Chris Farhood) ci (Continuous Integration [bot]) gb_flea (Flea Flicker) flux (Flux CD) admin (Gitea Admin) gb_lint (Lint Roller) renovate (Mend Renovate) gb_pawla (Pawla Abdul) gb_scrubs (Scrubs McBarkley) gb_shedward (Shedward Scissorhands) gb_dogfather (The Dogfather)

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: groombook/web#16