MOPC/MOPC-Portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: impersonation navigation uses full page reload
All checks were successful
Build and Push Docker Image / build (push) Successful in 9m59s
Details

Browse Source 
Replace router.push() with window.location.href for both
start and end impersonation to ensure the updated JWT cookie
is sent with the new request. Client-side routing can race
with cookie propagation, causing the server to see the old
session and redirect back to admin.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Matt
2026-03-04 20:30:46 +01:00
parent 27ecbc40b3
commit ca888b4eb7
2 changed files with 6 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/components/admin/user-actions.tsx
View File

@@ -126,9 +126,9 @@ export function UserActions({ userId, userEmail, userStatus, userRole, userRoles
try {
const result = await startImpersonation.mutateAsync({ targetUserId: userId })
await update({ impersonate: userId })
toast.success(`Now impersonating ${userEmail}`)
router.push(getRoleHomePath(result.targetRole) as Route)
router.refresh()
// Full page navigation to ensure the updated JWT cookie is sent
// (router.push can race with cookie propagation)
window.location.href = getRoleHomePath(result.targetRole)
} catch (error) {
toast.error(error instanceof Error ? error.message : 'Failed to start impersonation')
}
@@ -302,9 +302,7 @@ export function UserMobileActions({
try {
const result = await startImpersonation.mutateAsync({ targetUserId: userId })
await update({ impersonate: userId })
toast.success(`Now impersonating ${userEmail}`)
router.push(getRoleHomePath(result.targetRole) as Route)
router.refresh()
window.location.href = getRoleHomePath(result.targetRole)
} catch (error) {
toast.error(error instanceof Error ? error.message : 'Failed to start impersonation')
}

5
src/components/shared/impersonation-banner.tsx
View File

@@ -18,9 +18,8 @@ export function ImpersonationBanner() {
try {
await endImpersonation.mutateAsync()
await update({ endImpersonation: true })
toast.success('Returned to admin account')
router.push('/admin/members')
router.refresh()
// Full page navigation to ensure updated JWT cookie is sent
window.location.href = '/admin/members'
} catch (error) {
toast.error(error instanceof Error ? error.message : 'Failed to end impersonation')
}