fix(launcher): point app tiles at /dashboard so AuthGuard fires #47

Merged

YousifShkara merged 1 commit from fix/launcher-tile-to-dashboard into main 2026-06-03 03:37:12 +02:00

Conversation 0 Commits 1 Files changed 1 +1 -1

YousifShkara commented 2026-06-03 03:37:08 +02:00

Owner

Copy link

The two launcher tile templates in dashboard.rs (the dashboard top tiles
and the /applications grid) built href="https://{subdomain}.{base_domain}",
which lands on the child SPA's root - a public Home route in mokosh-apps
that AuthGuard doesn't gate. With no AuthGuard, the SPA never starts the
OIDC code+PKCE flow, so a member clicking 'Open Mokosh' sees the public
homepage instead of being signed in to the dashboard.

Append /dashboard to both hrefs. AuthGuard fires on the protected route,
notices no local session, calls start_login(cfg, ""), navigates to
bunyip-api's /oauth2/authorize, and the chain completes (assuming the
user has a bunyip session; otherwise they bounce through /login first).

Hardcoded landing path for now. A landing_path column on applications can
follow if first-party apps ever need different post-tile targets.

The two launcher tile templates in dashboard.rs (the dashboard top tiles and the /applications grid) built href="https://{subdomain}.{base_domain}", which lands on the child SPA's root - a public Home route in mokosh-apps that AuthGuard doesn't gate. With no AuthGuard, the SPA never starts the OIDC code+PKCE flow, so a member clicking 'Open Mokosh' sees the public homepage instead of being signed in to the dashboard. Append /dashboard to both hrefs. AuthGuard fires on the protected route, notices no local session, calls start_login(cfg, ""), navigates to bunyip-api's /oauth2/authorize, and the chain completes (assuming the user has a bunyip session; otherwise they bounce through /login first). Hardcoded landing path for now. A landing_path column on applications can follow if first-party apps ever need different post-tile targets.

YousifShkara self-assigned this 2026-06-03 03:37:08 +02:00

YousifShkara added 1 commit 2026-06-03 03:37:08 +02:00

fix(launcher): point app tiles at /dashboard so AuthGuard fires ... 3eee8269b7

The two launcher tile templates in dashboard.rs (the dashboard top tiles
and the /applications grid) built href="https://{subdomain}.{base_domain}",
which lands on the child SPA's root - a public Home route in mokosh-apps
that AuthGuard doesn't gate. With no AuthGuard, the SPA never starts the
OIDC code+PKCE flow, so a member clicking 'Open Mokosh' sees the public
homepage instead of being signed in to the dashboard.

Append /dashboard to both hrefs. AuthGuard fires on the protected route,
notices no local session, calls start_login(cfg, ""), navigates to
bunyip-api's /oauth2/authorize, and the chain completes (assuming the
user has a bunyip session; otherwise they bounce through /login first).

Hardcoded landing path for now. A landing_path column on applications can
follow if first-party apps ever need different post-tile targets.

YousifShkara merged commit efa868aada into main 2026-06-03 03:37:12 +02:00

YousifShkara deleted branch fix/launcher-tile-to-dashboard 2026-06-03 03:37:12 +02:00

YousifShkara referenced this pull request from a commit 2026-06-03 03:37:13 +02:00

Merge pull request 'fix(launcher): point app tiles at /dashboard so AuthGuard fires' (#47) from fix/launcher-tile-to-dashboard into main

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

YousifShkara

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

psa-systems/bunyip!47

No description provided.