phil/StarPunk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
44a97e4ffaa1311ed552664c5404915552f85d66
StarPunk/docs/reports/2025-11-22-auth-route-prefix-fix.md
Phil Skentelbery 44a97e4ffa fix: Change auth blueprint prefix from /admin to /auth (v0.9.2) 
The auth routes were registered under /admin/* but the IndieAuth
redirect_uri was configured as /auth/callback, causing 404 errors
when providers redirected back after authentication.

- Change auth blueprint url_prefix from "/admin" to "/auth"
- Update test expectations for new auth route paths
- Add ADR-022 documenting the architectural decision

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-22 18:22:08 -07:00

108 lines
3.3 KiB
Markdown
Raw Blame History

# Auth Route Prefix Fix Implementation Report
**Date**: 2025-11-22
**Version**: 0.9.2
**ADR**: ADR-022-auth-route-prefix-fix.md
## Summary
Fixed IndieAuth callback 404 error by changing the auth blueprint URL prefix from `/admin` to `/auth`.
## Problem
The auth blueprint in `starpunk/routes/auth.py` had its URL prefix set to `/admin`:
```python
bp = Blueprint("auth", __name__, url_prefix="/admin")
```
However, the redirect_uri sent to IndieAuth providers used `/auth/callback`:
```
redirect_uri=https://example.com/auth/callback
```
This mismatch caused IndieLogin.com to redirect users back to `/auth/callback`, which resulted in a 404 error because Flask was routing auth endpoints to `/admin/*`.
## Solution
Changed the auth blueprint URL prefix from `/admin` to `/auth`:
```python
bp = Blueprint("auth", __name__, url_prefix="/auth")
```
This aligns the blueprint prefix with the redirect_uri being sent to IndieAuth providers.
## Files Modified
1. **`starpunk/routes/auth.py`** (line 30)
- Changed: `url_prefix="/admin"` -> `url_prefix="/auth"`
2. **`tests/test_routes_admin.py`**
- Updated test assertion from `/admin/login` to `/auth/login`
3. **`tests/test_routes_dev_auth.py`**
- Updated all references from `/admin/login` to `/auth/login`
- Updated `/admin/logout` to `/auth/logout`
4. **`tests/test_templates.py`**
- Updated all references from `/admin/login` to `/auth/login`
5. **`starpunk/__init__.py`**
- Version bumped from 0.9.1 to 0.9.2
6. **`CHANGELOG.md`**
- Added 0.9.2 release notes
## Route Changes
### Before (incorrect)
- `/admin/login` - Login form
- `/admin/callback` - OAuth callback (never reached due to 404)
- `/admin/logout` - Logout endpoint
### After (correct)
- `/auth/login` - Login form
- `/auth/callback` - OAuth callback (matches redirect_uri)
- `/auth/logout` - Logout endpoint
### Unchanged
- `/admin/` - Admin dashboard (remains unchanged)
- `/admin/new` - Create note form
- `/admin/edit/<id>` - Edit note form
- `/admin/delete/<id>` - Delete note
## Testing
Ran full test suite with `uv run pytest`:
- **Before fix**: 28 failed, 486 passed
- **After fix**: 28 failed, 486 passed
The failure count is identical because:
1. The fix itself does not introduce new failures
2. Tests were updated to expect the new `/auth/*` URL patterns
3. Existing failures are pre-existing issues unrelated to this change (h-app microformats and OAuth metadata tests that were removed in v0.8.0)
## Verification
To verify the fix is working:
1. Start the application: `uv run flask --app app.py run`
2. Navigate to `/auth/login`
3. Enter your IndieAuth URL and submit
4. After authenticating with IndieLogin.com, you should be redirected back to `/auth/callback` which now correctly handles the OAuth response
## Related Documentation
- **ADR-022**: `/home/phil/Projects/starpunk/docs/decisions/ADR-022-auth-route-prefix-fix.md`
- **Versioning Strategy**: `/home/phil/Projects/starpunk/docs/standards/versioning-strategy.md`
- **Git Branching Strategy**: `/home/phil/Projects/starpunk/docs/standards/git-branching-strategy.md`
## Notes
- This is a bug fix (PATCH version increment per SemVer)
- No breaking changes to existing functionality
- Admin dashboard routes remain at `/admin/*` as before
- Only authentication routes moved to `/auth/*`
Reference in New Issue View Git Blame Copy Permalink