Open karlapsite opened 1 day ago
@paulpopus I did end up fiddling with the order of operations in packages/next/src/views/Root/index.tsx
which you can see here
Hey @karlapsite,
So I actually reproduced your issue using the _community
folder in the monorepo. You can avoid the default login by commenting out these lines. I don't believe there's an issue there as this is done for a smoother dev experience while working with the test folders.
Thanks for the tip @akhrarovsaid! The specific issue with the dev credentials in my third point is a little nitty-gritty.
I didn't have too much trouble commenting out the devUser to play around with the /create-first-user
flow... but once I made my devUser... I wanted to make sure that payload would properly redirect users to the login page... and there was some trouble there.
When using default credentials, I couldn't logout. manually navigating to /admin/logout
indicated that I did logout in a toast, but I suspect something in the _community
folder auto-logs in the devUser if those specific dev credentials are present. I worked around this by removing the devUser account, and manually creating an account with different credentials. That seems to let me play around with login/logout just fine...
When navigating to /admin/foobar
when there is a dev account but the user just isn't logged in... the same issue is present.
After some playing around, It would seem a change like the one I tinkered with could address both sides of this issue.
Separately, my change appears to have awoken some sort of login redirection feature, but it does not appear to work as expected... which might be out-of-scope. I'm unsure if that should be addressed here and now, or if that would be a good candidate for a follow-up issue.
Hey @karlapsite,
Actually you're correct - the test folder has helper functions that triggers auto-login. Have a look below at the root of this functionality which seems to originate from buildConfigWithDefaults
present in all the config.ts
files in the test folder.
Auto login predicate in buildConfigWithDefaults Login function helper Default credentials
I hope this may help you with your proposed changes and tests. Cheers!
Hey all, thanks for all the investigations here, I wouldnt touch the default login and such. The issue here is actually just that the notFound page is visible within the layout of the admin panel if you are not authenticated. It's not isolated to the create first user flow, so I updated the title
Yep... not trying to change default login... it just gave me a little trouble when debugging both cases.
I'm still curious if reordering redirection and notFound would address the issue.
Link to reproduction
https://github.com/karlapsite/payload/tree/fix/create-user-redirection-issue-reproduction
diff
Environment Info
Should be latest n' greatest:
Payload: v3.0.0-beta.114 Node.js: 22.6.0 Next.js: 15.0.0-canary.17
Describe the Bug
I'm playing around with the blank and website templates with a coworker. We're a little confused why navigating in browser to
/admin/foobar
doesn't forward us to/admin/create-first-user
like it does in other cases... I haven't created my first account yet... it seems a little weird to be able to peek at the public collections (or render any semblance of the admin portal at all yet) Clicking on anything does redirect me to/admin/create-first-user
Is this intentional behavior?
If we don't want users to peak the unauthed admin page... is there an easy way to modify the admin not-found template to redirect us somehow? or is there a cleaner place to catch/forward this case?
A similar issue seems to exist after the first account has been created... my expectation was to see the admin portal redirect the user to the login component and prevent them from seeing the admin portal/sidebar.
To my knowledge this isn't a security issue, as the user can only see the names of collections that are public read. Authorized collections won't appear in the sidebar... So this is only disorienting at best
Reproduction Steps
devUser
in the _community template./admin/foobar
Adapters and Plugins
No response