fix(tradein/auth): honest 401/error screens in RouteGuard instead of misleading text #2516
No reviewers
Labels
No labels
admin
analytics
auth
automation
bug
business
chore
ci
compliance
data
data-moat
docs
duplicate
dx
enhancement
Fable 5 ревью
feedback/max
generative
GG-форсайт
needs-discussion
needs-human
observability
pause-bots
performance
priority/p0
priority/p1
priority/p2
priority/p3
scope/backend
scope/db
scope/devops
scope/frontend
scope/qa
scrapers
security
site-finder
stage/1
stage/2
status/blocked
status/done
status/needs-analysis
status/needs-fix
status/qa
status/ready
status/review
status/wip
tech-debt
tradein
ux
week ревью 1
wontfix
вторичка
ИРД
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: lekss361/gendesign#2516
Loading…
Add table
Reference in a new issue
No description provided.
Delete branch "fix/tradein-routeguard-401-screen"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Summary
/me) handling already showed a "Session expired" screen (from earlier PR #896/#800), but its only action was a "Logout" button (logout()), not a re-auth CTA.variant="user"copy ("account not linked to a role"), which is misleading for a technical failure — user sees the wrong reason and no clear next step.Changes
NoAccessScreen.tsx:window.location.reload()— reload on top-level navigation re-triggers Caddy's basic_auth challenge when cached creds were rejected."error"variant for non-401/403useMe()failures — honest copy ("Не удалось проверить доступ" / technical-issue subtitle) + "Обновить страницу" reload CTA, replacing the misleadingusertext.trial(role=expired) anduser/path(403 / path-deny) screens unchanged — untouched per spec.RouteGuard.tsx: the catch-allif (error)branch (covers 500s / network errors) now routes tovariant="error"instead ofvariant="user".Test plan
npx tsc --noEmit -p tsconfig.json— cleannpm run lint(next lint / eslint) — clean, no warnings in touched filesnpm run build— production build succeeds, all routes compile/trade-in/api/v1/meand confirm the "Сессия истекла" screen with "Войти снова" button renders (not blank); force a 500/network failure and confirm the "Не удалось проверить доступ" screen renders with "Обновить страницу"Session-expired (401) screen already existed but its CTA button was mislabeled "Выйти" (logout) and called logout() with no reload alternative; generic non-401/403 errors (500 / network fail) reused variant="user" whose copy ("аккаунт не привязан к роли") is wrong for a technical failure. - NoAccessScreen: session variant now shows "Войти снова" button that does window.location.reload() (basic_auth top-level nav reload re-triggers the browser's auth challenge on rejected creds) instead of full logout. - New "error" variant for non-401/403 useMe() failures — honest copy + "Обновить страницу" reload CTA, replacing the misleading "user" text. - RouteGuard: generic catch-all error branch now routes to variant="error". - trial (role=expired) and 403 (variant="user") screens unchanged.