- Add delay after login to ensure session cookies are set properly
- Fix client-side auth checks in dashboard to handle session refresh gracefully
- Remove conflicting client-side redirects from Navigation component
- All authentication now properly handled by unified server-side auth system
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit fixes the persistent login/redirect loop issue and implements
a robust authentication system for the Docker/localhost environment.
Key Changes:
- Environment-aware cookie configuration in supabase-ssr.ts
- New AuthLoader component to prevent content flashing during auth checks
- Cleaned up login page client-side auth logic to prevent redirect loops
- Updated dashboard to use AuthLoader for smooth authentication experience
Technical Details:
- Cookies now use environment-appropriate security settings
- Server-side auth verification eliminates client-side timing issues
- Loading states provide better UX during auth transitions
- Unified authentication pattern across all protected pages
Fixes:
- Dashboard no longer flashes before auth redirect
- Login page loads cleanly without auth checking loops
- Cookie configuration works correctly in Docker localhost
- No more redirect loops between login and dashboard pages
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Client-side improvements (supabase.ts):
- Set detectSessionInUrl: false to prevent SSR redirect loops
- Add explicit cookieOptions with Docker-friendly settings
- Configure secure: false for localhost non-HTTPS
- Set sameSite: 'lax' for proper navigation cookie handling
Server-side improvements (supabase-ssr.ts):
- Add comprehensive default cookie options
- Ensure consistent cookie configuration across all server clients
- Set maxAge: 7 days for proper session persistence
- Maintain security with httpOnly: true
These changes address session persistence issues in Docker containers
and should resolve Stripe setup redirect loops for existing users.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Set secure: false for localhost (non-HTTPS) environment
- Configure sameSite: 'lax' to allow cookie transmission
- Ensure path: '/' for site-wide cookie access
- Maintain httpOnly: true for security
This should resolve session persistence issues in Docker containers.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Disable automatic auth check on login page to prevent conflicts
- Use window.location.replace instead of href to prevent back button issues
- Simplify login flow to eliminate competing redirects
- Add console logging for better debugging of login flow
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add null checks for cookies object in Supabase SSR client
- Fix auth test page to use Astro.cookies instead of Astro.request
- Prevent "Cannot read properties of undefined" errors in cookie handling
- Ensure proper unified auth usage pattern in test pages
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Import requireAuth function to fix ReferenceError
- Ensure auth test page has all necessary imports from unified auth module
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Install Playwright for automated browser testing
- Create comprehensive auth flow test script with screenshots
- Verify authentication fixes prevent flashing and redirect loops
- Generate visual proof that unified auth system works correctly
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Removed checkAuth() function and redirects from dashboard.astro
- Removed checkAuth() function and redirects from events/new.astro
- Updated to use Astro.cookies for better SSR compatibility
- Client-side code now focuses on data loading, not authentication
- Server-side unified auth system handles all protection
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Created single auth-unified.ts module as the source of truth
- Deprecated old auth.ts and simple-auth.ts (now proxy to unified)
- Fixed dashboard SSR auth using Astro.cookies for better compatibility
- Added comprehensive auth test page at /auth-test-unified
- Resolved cookie handling issues in Docker environment
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Change docker-compose.prod.yml from image: to build: configuration
- Remove image pulling from deployment script
- Add --build flag to docker-compose up command
- Fixes "image not found" error by building from local Dockerfile
This ensures the deployment script builds the image from source
instead of trying to pull a non-existent image from a registry.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Change from external bct-network to locally created network
- Fix docker-compose.astro.yml network definition
- Fix docker-compose.prod.yml network definition
- Prevents "undefined networks" error during deployment
Networks are now created automatically by Docker Compose
instead of requiring pre-existing external network.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add environment variable loading from .env file in main() function
- Use set -o allexport to export all variables from .env
- Load variables before check_env_vars() is called
- Fixes "Missing required environment variables" error
This ensures the deployment script can access all environment variables
from the .env file before validating they exist.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Update NGINX configuration for correct domain
- Update deployment guide with proper SSL certificate paths
- Update service URLs in documentation
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Multi-stage Dockerfile with Node.js 20 Alpine base
- Production and development docker-compose configurations
- Health check API endpoint for container monitoring
- Build and deployment scripts with versioning support
- Port 3000 configuration for nginx compatibility
- Non-root user and security hardening
- Resource limits and logging configuration
- Package.json scripts for Docker operations
This eliminates dependency conflicts and provides reproducible deployments.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Downgrade @astrojs/tailwind to v5.1.1 for v3 compatibility
- Remove @tailwindcss/vite dependency (v4 specific)
- Update tailwindcss to v3.4.17
- Fix astro.config.mjs to use standard Tailwind integration
- Update CSS imports to use v3 @tailwind directives
Fixes server deployment build failures due to dependency conflicts.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add test comment to trigger deployment pipeline and verify auto-deploy is working correctly.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- OpenAI API integration for event description generation
- Environment variable configuration for API key
- Premium feature access controls and usage tracking
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Replace hardcoded API key with environment variable
- Add OPENAI_API_KEY to .env.example for documentation
- Prevents secret exposure in version control
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
