Fix OAuth login by syncing auth state to cookie
All checks were successful
Deploy / deploy (push) Successful in 1m37s
All checks were successful
Deploy / deploy (push) Successful in 1m37s
Root cause: PocketBase SDK stores auth in localStorage, but Next.js middleware checks for pb_auth cookie. The cookie was never being set after successful OAuth login. Fix: Add pb.authStore.onChange() listener that syncs auth state to cookie on any change (login, logout, token refresh). This is the idiomatic PocketBase pattern for Next.js SSR apps. Also updates authentication spec to reflect that the cookie is non-HttpOnly by design (client SDK needs read/write access). Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -21,6 +21,15 @@ export const pb = new PocketBase(POCKETBASE_URL);
|
||||
// Disable auto-cancellation for server-side usage
|
||||
pb.autoCancellation(false);
|
||||
|
||||
// Sync auth state to cookie on any change (login, logout, token refresh)
|
||||
// This allows Next.js middleware to read auth state for route protection
|
||||
// Cookie is non-HttpOnly because the client-side SDK needs read/write access
|
||||
if (typeof window !== "undefined") {
|
||||
pb.authStore.onChange(() => {
|
||||
document.cookie = pb.authStore.exportToCookie({ httpOnly: false });
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new PocketBase client instance.
|
||||
* Use this in server components and API routes to get a fresh client
|
||||
|
||||
Reference in New Issue
Block a user