Fix login flows (#486)

locnguyen1986 · web-flow · commit 40dc5fedb7d4 · 2026-01-30T15:27:43.000+07:00
* ad usage and

* allow API Key access inactive models

* fix the login flows
diff --git a/apps/web/src/components/form/login.tsx b/apps/web/src/components/form/login.tsx
@@ -38,12 +38,25 @@ export function LoginForm({
   const getRedirectUrl = () => {
     const url = new URL(window.location.href);
     const redirectParam = url.searchParams.get(URL_PARAM.REDIRECT);
+
+    // Case 1: Has redirect param (external localhost or internal path)
     if (redirectParam && (redirectParam.startsWith("/") || isAllowedExternalRedirect(redirectParam))) {
       return redirectParam;
     }
+
+    // Case 2: On /login route without redirect -> go to homepage
     if (url.pathname === "/login") {
-      return "/";
+      return undefined; // Let handleCloseModal decide
     }
+
+    // Case 3: Modal login (/?modal=login) -> return undefined to close modal and stay/go home
+    if (url.searchParams.get(URL_PARAM.MODAL) === URL_PARAM_VALUE.LOGIN) {
+      return undefined;
+    }
+
+    // Case 4: Modal opened on another page -> stay on current page (without modal params)
+    url.searchParams.delete(URL_PARAM.MODAL);
+    url.searchParams.delete(URL_PARAM.REDIRECT);
     return url.pathname + url.search;
   };
 
diff --git a/apps/web/src/routes/__root.tsx b/apps/web/src/routes/__root.tsx
@@ -142,27 +142,30 @@ function RootLayout() {
   };
 
   const handleCloseModal = (redirectUrl?: string) => {
-    // Handle external redirect (e.g., http://localhost:19999)
+    // Case 1: External redirect (e.g., http://localhost:29999 from install script)
     if (redirectUrl && isAllowedExternalRedirect(redirectUrl)) {
+      const bearerToken = `Bearer ${accessToken}`;
+      const encodedToken = btoa(bearerToken);
       const target = new URL(redirectUrl);
-      target.searchParams.set("token", `Bearer ${accessToken}`);
+      target.searchParams.set("token", encodedToken);
       window.location.href = target.toString();
       return;
     }
 
-    if (location.pathname === "/login") {
-      if (redirectUrl && redirectUrl.startsWith("/")) {
-        router.navigate({ to: redirectUrl });
-      }
+    // Case 2: Internal redirect path (e.g., /dashboard)
+    if (redirectUrl && redirectUrl.startsWith("/")) {
+      router.navigate({ to: redirectUrl });
       return;
     }
 
-    if (redirectUrl && redirectUrl.startsWith("/")) {
-      router.navigate({ to: redirectUrl });
+    // Case 3: Modal login (/?modal=login) - close modal and go to homepage
+    // Or /login route without redirect - go to homepage
+    if (location.pathname === "/login") {
+      router.navigate({ to: "/" });
       return;
     }
 
-    // Remove the modal search param by navigating without it
+    // Case 4: Modal was opened on another page - just close modal, stay on current page
     const url = new URL(window.location.href);
     url.searchParams.delete(URL_PARAM.MODAL);
     url.searchParams.delete(URL_PARAM.REDIRECT);
