fix: embedded direct template recipient auth

2025-11-19 03:01:59 +10:00 · 2025-10-28 17:02:26 +11:00
parent d6a2f5a4c9
commit 7f19ec1265
13 changed files with 191 additions and 68 deletions
--- a/apps/remix/app/routes/_unauthenticated+/signin.tsx
+++ b/apps/remix/app/routes/_unauthenticated+/signin.tsx
@ -1,3 +1,5 @@
+import { useEffect, useState } from 'react';
+
 import { Trans } from '@lingui/react/macro';
 import { Link, redirect } from 'react-router';

@ -9,6 +11,7 @@ import {
  OIDC_PROVIDER_LABEL,
 } from '@documenso/lib/constants/auth';
 import { env } from '@documenso/lib/utils/env';
+import { isValidReturnTo, normalizeReturnTo } from '@documenso/lib/utils/is-valid-return-to';

 import { SignInForm } from '~/components/forms/signin';
 import { appMetaTags } from '~/utils/meta';
@ -28,8 +31,12 @@ export async function loader({ request }: Route.LoaderArgs) {
  const isOIDCSSOEnabled = IS_OIDC_SSO_ENABLED;
  const oidcProviderLabel = OIDC_PROVIDER_LABEL;

+  let returnTo = new URL(request.url).searchParams.get('returnTo') ?? undefined;
+
+  returnTo = isValidReturnTo(returnTo) ? normalizeReturnTo(returnTo) : undefined;
+
  if (isAuthenticated) {
-    throw redirect('/');
+    throw redirect(returnTo || '/');
  }

  return {
@ -37,12 +44,28 @@ export async function loader({ request }: Route.LoaderArgs) {
    isMicrosoftSSOEnabled,
    isOIDCSSOEnabled,
    oidcProviderLabel,
+    returnTo,
  };
 }

 export default function SignIn({ loaderData }: Route.ComponentProps) {
-  const { isGoogleSSOEnabled, isMicrosoftSSOEnabled, isOIDCSSOEnabled, oidcProviderLabel } =
-    loaderData;
+  const {
+    isGoogleSSOEnabled,
+    isMicrosoftSSOEnabled,
+    isOIDCSSOEnabled,
+    oidcProviderLabel,
+    returnTo,
+  } = loaderData;
+
+  const [isEmbeddedRedirect, setIsEmbeddedRedirect] = useState(false);
+
+  useEffect(() => {
+    const hash = window.location.hash.slice(1);
+
+    const params = new URLSearchParams(hash);
+
+    setIsEmbeddedRedirect(params.get('embedded') === 'true');
+  }, []);

  return (
    <div className="w-screen max-w-lg px-4">
@ -61,13 +84,17 @@ export default function SignIn({ loaderData }: Route.ComponentProps) {
          isMicrosoftSSOEnabled={isMicrosoftSSOEnabled}
          isOIDCSSOEnabled={isOIDCSSOEnabled}
          oidcProviderLabel={oidcProviderLabel}
+          returnTo={returnTo}
        />

-        {env('NEXT_PUBLIC_DISABLE_SIGNUP') !== 'true' && (
+        {!isEmbeddedRedirect && env('NEXT_PUBLIC_DISABLE_SIGNUP') !== 'true' && (
          <p className="text-muted-foreground mt-6 text-center text-sm">
            <Trans>
              Don't have an account?{' '}
-              <Link to="/signup" className="text-documenso-700 duration-200 hover:opacity-70">
+              <Link
+                to={returnTo ? `/signup?returnTo=${encodeURIComponent(returnTo)}` : '/signup'}
+                className="text-documenso-700 duration-200 hover:opacity-70"
+              >
                Sign up
              </Link>
            </Trans>