From fc18239b97ef6d98e96b643eed1eeedda1012854 Mon Sep 17 00:00:00 2001 From: Joseph Doherty Date: Fri, 15 May 2026 12:14:57 -0400 Subject: [PATCH] fix(ui/auth): stop /login redirect loop when the session is expired SessionExpiry renders inside MainLayout, which also wraps the login page. For a user with a still-present auth cookie but an expired expires_at claim, it redirected /login back to /login indefinitely. It now skips the redirect when already on the login page. --- .../Components/Shared/SessionExpiry.razor | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/ScadaLink.CentralUI/Components/Shared/SessionExpiry.razor b/src/ScadaLink.CentralUI/Components/Shared/SessionExpiry.razor index d8d2ed6..6dc4dbb 100644 --- a/src/ScadaLink.CentralUI/Components/Shared/SessionExpiry.razor +++ b/src/ScadaLink.CentralUI/Components/Shared/SessionExpiry.razor @@ -7,6 +7,11 @@ protected override async Task OnInitializedAsync() { + // The login page uses the same layout, so this component renders there + // too. Redirecting /login → /login would loop ("too many redirects"). + var path = Navigation.ToBaseRelativePath(Navigation.Uri); + if (path.StartsWith("login", StringComparison.OrdinalIgnoreCase)) return; + var auth = await AuthStateProvider.GetAuthenticationStateAsync(); if (auth.User.Identity?.IsAuthenticated != true) return;