fix: replace settings redirect with API key prompt modal#2
Open
CJFWeatherhead wants to merge 7 commits intomainfrom
Open
fix: replace settings redirect with API key prompt modal#2CJFWeatherhead wants to merge 7 commits intomainfrom
CJFWeatherhead wants to merge 7 commits intomainfrom
Conversation
Replace the onMount redirect to /settings with a modal overlay that prompts for API credentials on any page when they are missing. This fixes: - Browser refresh losing the current page (redirect to /settings) - Back button creating redirect loops - Direct URL access to routes showing blank pages Changes: - Add ApiKeyPrompt.svelte modal that validates credentials inline - Remove goto(/settings) redirect from +layout.svelte - Add adapter-static fallback (200.html) for unknown routes - Update Caddyfile try_files to serve index.html and SPA fallback - Replace placeholder test with 32 unit tests for funcs.ts utilities - Add CI workflow (lint, type-check, test, build, Docker smoke test) - Document authentication flow in README
- Add e2e/mock-api.mjs: lightweight mock Headscale API server returning
fixture data matching openapiv2.json types (users, nodes, preauth keys,
API keys, policy). Validates Bearer token auth.
- Add e2e/navigation.spec.ts: 25 Playwright E2E tests covering:
- Unauthenticated: prompt appears on all pages, invalid key rejected
- Auth flow: credentials dismiss modal, user stays on requested page
- Authenticated navigation: all routes render real content
- Refresh: preserves current page
- Back button: forward/back navigation works correctly
- Direct URL access: no white screen on any route
- Fix Caddyfile: use {ENDPOINT}/200.html for SPA fallback so it
resolves correctly when build output is inside /app/admin/
- Fix Dockerfile: export ENDPOINT env var to Caddy stage so
Caddyfile can reference it
- Add Playwright to devDependencies and test:e2e script
- Add E2E job to CI workflow
- Add Docker smoke test for /admin/nonexistent/ (fallback)
- Add Playwright artifacts to .gitignore
- Add src/routes/+error.svelte: replaces SvelteKit's blank default error page with a styled fallback (status code + message + 'Go to dashboard' button) so any routing error produces a visible screen, not a blank page. - Add e2e/docker.spec.ts: 10 Playwright tests that run against the production Docker build (Caddy + /admin base path). Covers refresh, direct URL access, unauthenticated modal, and post-auth refresh. - Add playwright.docker.config.ts: separate Playwright config for the Docker suite; baseURL set to http://localhost:8080/admin/ (with trailing slash) so relative paths like './nodes/' resolve to /admin/nodes/. - Add e2e-docker CI job: builds the Docker image, starts the container + mock API, waits for both to be ready via curl retry, runs the Docker E2E suite, then tears down. - Add /healthz endpoint to mock-api.mjs for CI readiness checks.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Replace the
onMountredirect to/settingswith a modal overlay that prompts for API credentials on whichever page the user is visiting. This fixes several broken standard browser behaviours.Problems fixed
goto(base + "/settings")ran on every page load when credentials had not been validated yet, so any refresh redirected to Settings/nodesdirectly showed a blank page briefly before redirecting, because the SPA had no fallback for unknown pathsChanges
src/lib/parts/ApiKeyPrompt.svelte!App.hasApi. Validates credentials with a directfetchbefore persisting them.src/routes/+layout.sveltegoto(settings)redirect and its imports. AddedApiKeyPromptcomponent.svelte.config.jsfallback: "200.html"toadapter-staticso unknown paths get a usable SPA shell instead of a 404.Caddyfiletry_fileswith{path}/index.htmland/200.htmlfallback for robust serving of pre-rendered routes and SPA fallback.src/index.test.ts1+2=3test with 32 unit tests coveringfuncs.tsutilities..github/workflows/ci.ymlREADME.mdBehaviour after this change
Testing
vitest run)svelte-check— 0 errors, 0 warningsENDPOINT=""andENDPOINT=/admin200.htmlfallback confirmed in build output