Skip to content

Commit e61ba0a

Browse files
samejrcursoragent
andcommitted
fix(webapp): stop login.magic client module crash breaking SSO redirect
The top-level createCookie call read env.NODE_ENV from ~/env.server, which is undefined in the client bundle, so importing the route module threw. When the inline /login email form submits (a navigation to /login/magic), Remix loads that module, the import fails, and it hard-reloads /login instead of following the action's redirect to /login/sso. Move the cookie into a .server module so it never evaluates on the client. Co-authored-by: Cursor <cursoragent@cursor.com>
1 parent 7646fae commit e61ba0a

2 files changed

Lines changed: 16 additions & 12 deletions

File tree

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
import { createCookie } from "@remix-run/node";
2+
import { env } from "~/env.server";
3+
4+
// Carries the submitted email to the confirmation screen in a short-lived,
5+
// httpOnly cookie rather than the URL, so the address never lands in access
6+
// logs, browser history, or error-tracker breadcrumbs. Lives in a .server
7+
// module: it calls createCookie at import time using server-only env, which
8+
// throws if it ever evaluates in the client bundle.
9+
export const magicLinkEmailCookie = createCookie("magiclink-email", {
10+
maxAge: 60 * 10,
11+
httpOnly: true,
12+
sameSite: "lax",
13+
secure: env.NODE_ENV === "production",
14+
path: "/",
15+
});

apps/webapp/app/routes/login.magic/route.tsx

Lines changed: 1 addition & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,6 @@
11
import { ArrowLeftIcon } from "@heroicons/react/20/solid";
22
import { InboxArrowDownIcon } from "@heroicons/react/24/solid";
33
import {
4-
createCookie,
54
redirect,
65
type ActionFunctionArgs,
76
type LoaderFunctionArgs,
@@ -35,17 +34,7 @@ import { ssoRedirectForEmail } from "~/services/ssoAutoDiscovery.server";
3534
import { logger, tryCatch } from "@trigger.dev/core/v3";
3635
import { env } from "~/env.server";
3736
import { extractClientIp } from "~/utils/extractClientIp.server";
38-
39-
// The submitted email is carried to the confirmation screen in a short-lived,
40-
// httpOnly cookie rather than the URL, so the address never lands in access
41-
// logs, browser history, or error-tracker breadcrumbs.
42-
const magicLinkEmailCookie = createCookie("magiclink-email", {
43-
maxAge: 60 * 10,
44-
httpOnly: true,
45-
sameSite: "lax",
46-
secure: env.NODE_ENV === "production",
47-
path: "/",
48-
});
37+
import { magicLinkEmailCookie } from "./magicLinkEmailCookie.server";
4938

5039
export const meta: MetaFunction = ({ matches }) => {
5140
const parentMeta = matches

0 commit comments

Comments
 (0)