Fix OAuth login by syncing auth state to cookie

Root cause: PocketBase SDK stores auth in localStorage, but Next.js middleware checks for pb_auth cookie. The cookie was never being set after successful OAuth login. Fix: Add pb.authStore.onChange() listener that syncs auth state to cookie on any change (login, logout, token refresh). This is the idiomatic PocketBase pattern for Next.js SSR apps. Also updates authentication spec to reflect that the cookie is non-HttpOnly by design (client SDK needs read/write access). Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-12 13:59:53 +00:00
parent e2afee2045
commit 2ae6804cc4
3 changed files with 15 additions and 15 deletions
--- a/src/app/login/page.tsx
+++ b/src/app/login/page.tsx
@@ -120,22 +120,11 @@ export default function LoginPage() {
    setError(null);

    try {
-      console.log("[OAuth] Starting authWithOAuth2...");
-      const result = await pb
-        .collection("users")
-        .authWithOAuth2({ provider: "oidc" });
-      console.log("[OAuth] authWithOAuth2 resolved:", result);
-      console.log("[OAuth] authStore.isValid:", pb.authStore?.isValid);
-      console.log(
-        "[OAuth] authStore.token:",
-        `${pb.authStore?.token?.substring(0, 20)}...`,
-      );
+      await pb.collection("users").authWithOAuth2({ provider: "oidc" });
      // Reset attempts on successful login
      setLoginAttempts([]);
-      console.log("[OAuth] Calling router.push...");
      router.push("/");
    } catch (err) {
-      console.error("[OAuth] Error caught:", err);
      // Record the failed attempt
      recordAttempt();
      const message =