Skip to content

Improve navigation to manage identity from authorization page#3560

Open
sea-snake wants to merge 21 commits intomainfrom
sea-snake/manage-identity-from-authorize
Open

Improve navigation to manage identity from authorization page#3560
sea-snake wants to merge 21 commits intomainfrom
sea-snake/manage-identity-from-authorize

Conversation

@sea-snake
Copy link
Copy Markdown
Contributor

@sea-snake sea-snake commented Dec 24, 2025
edited
Loading

Use internal authentication over post message to improve navigation to manage identity from authorization page.

Changes

  • Add ContinueToManage component to views.
  • Add toRelative to urlUtils.ts with tests and use it for existing /login route and new internal-auth route.
  • Update layout of /authorize/* to use new openWindowWithAuth method to authenticate before opening the dashboard in a new window and then securely transmit this authentication to the new window.
  • Add /internal-auth route to handle receiving and handling this authentication state transmission in a new window.
  • Implement openWindowWithAuth and requestAuthFromOpener methods to allow securely transmitting auth from one same origin window to another.

Tests

Added Open dashboard from authorize page e2e.

sea-snake and others added 14 commits December 23, 2025 15:08
@sea-snake
Redesign sign-in on landing page.
f233472
@sea-snake
Fix e2e
a914280
@sea-snake
Fix e2e
d8cbb42
@sea-snake
Fix e2e
21be325
@sea-snake
Fix e2e
b56e3e9
@sea-snake
Nit: increase gap
368969d
@sea-snake
Merge branch 'main' into sea-snake/landing-page-sign-in-redesign
43af1ee
@sea-snake
Use internal authentication over post message to improve navigation t…
de8d739 
…o manage identity from authorization screen.
@sea-snake
Use internal authentication over post message to improve navigation t…
26c9455 
…o manage identity from authorization screen.
@sea-snake
Add shrink-0
121b62b
@sea-snake
Merge branch 'main' into sea-snake/manage-identity-from-authorize
50ffb66 
# Conflicts:
#	src/frontend/src/lib/components/ui/IdentitySwitcher.svelte
#	src/frontend/src/routes/(new-styling)/+page.svelte
#	src/frontend/src/routes/(new-styling)/authorize/+layout.svelte
#	src/frontend/src/routes/(new-styling)/manage/(authenticated)/+layout.svelte
@sea-snake
Move url to relative to utils.
bceebcb
@sea-snake
Refactor and add comments
fb3d8d0
@sea-snake
Refactor and add comments
1d69598
@sea-snake sea-snake marked this pull request as ready for review January 6, 2026 12:37
@sea-snake sea-snake requested review from aterga and Copilot January 6, 2026 12:37
Copilot AI reviewed Jan 6, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR improves the navigation flow from the authorization page to the identity management dashboard by using secure postMessage-based authentication transfer instead of relying solely on session state. When a user clicks to manage their identity from the authorization page, the system authenticates them if needed, then opens a new window and securely transmits the authentication state to it.

Key changes:

  • Introduces a new /internal-auth route that receives authentication state from an opener window via postMessage and redirects to the management dashboard
  • Adds toRelative() utility function to safely convert URLs to relative paths, centralizing URL sanitization logic
  • Implements openWindowWithAuth() and requestAuthFromOpener() functions for secure cross-window authentication transfer with origin validation

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 10 comments.

Show a summary per file
File Description
src/frontend/src/lib/utils/urlUtils.ts Adds toRelative() utility to convert absolute URLs to relative paths
src/frontend/src/lib/utils/urlUtils.test.ts Adds tests for the new toRelative() function
src/frontend/src/routes/(new-styling)/login/+page.ts Refactors to use new toRelative() utility instead of inline URL sanitization
src/frontend/src/routes/(new-styling)/internal-auth/utils.ts Implements authentication serialization/deserialization and postMessage-based auth transfer between windows
src/frontend/src/routes/(new-styling)/internal-auth/+page.ts Page loader for internal-auth route that sanitizes the 'next' parameter
src/frontend/src/routes/(new-styling)/internal-auth/+page.svelte Loading page that receives auth from opener window and redirects to management dashboard
src/frontend/src/routes/(new-styling)/authorize/+layout.svelte Adds "manage identity" flow with authentication and new window opening
src/frontend/src/lib/components/views/ContinueToManage.svelte Dialog component prompting user to continue to management dashboard in new window

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@aterga aterga Awaiting requested review from aterga

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sea-snake