fix: OIDC auth flow, Vite proxy, and PostgreSQL query compat

- Add auth redirect in root layout for unauthenticated users
- Proxy OIDC routes (/login, /callback, /logout) through Vite dev server
- Strip Secure flag from OIDC cookies in dev mode (HTTP localhost)
- Disable retry on auth query to prevent stale cookie loops
- Fix SQLite .get()/.all()/.run() calls in category and global-item
  services for PostgreSQL compatibility
- Add userId scoping to category service functions
- Add OIDC error logging in auth middleware
- Apply linter auto-formatting across affected files

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-04-05 18:25:31 +02:00
parent f7588827b1
commit 574a12e6fa
32 changed files with 315 additions and 253 deletions

View File

@@ -45,7 +45,10 @@ describe("OAuth Routes", () => {
userId = testApp.userId;
mockGetAuth.mockReset();
// Default: user is authenticated via OIDC
mockGetAuth.mockReturnValue({ sub: "test-user-logto-sub", email: "admin@example.com" });
mockGetAuth.mockReturnValue({
sub: "test-user-logto-sub",
email: "admin@example.com",
});
});
describe("GET /.well-known/oauth-authorization-server", () => {