The admin SPA's useAuth hook probes /auth/refresh on mount and calls /auth/logout on sign-out, but both were dropped in the per-feature → monolith consolidation (they lived in the old @features/admin backend), so every page load bounced back to SSO. Convert authSurface into createAuthSurface(opts) and mount it before the /admin/* SSO guard: /refresh runs ssoRequired (401 on missing/invalid cookie, 200 otherwise) and /logout expires the session cookie via clearSessionCookie (idempotent 200). |
||
|---|---|---|
| .. | ||
| config | ||
| scripts | ||
| src | ||
| tests/processors | ||
| .dependency-cruiser.cjs | ||
| .env.development | ||
| bunfig.toml | ||
| package.json | ||
| tsconfig.json | ||