Redirect is triggered before session is available

I have a custom signIn plugin, that allows me to sign in with an external auth provider. In the returned ctx of that endpoint, I set

redirect: true

redirect: true

redirect: true

redirect: true and

url: '/dashboard'

url: '/dashboard'

url: '/dashboard'

url: '/dashboard'.

/dashboard

/dashboard

/dashboard

/dashboard has a check if there's an active session, if not, it will redirect to

/

/.

Current behavior
The following only happens when logging in for the first time on a clean browser session without cache.

I sign in, and get redirected to

/dashboard

/dashboard

/dashboard

/dashboard, but I immediately get redirected to

/

/. I can successfully go back to

/dashboard

/dashboard

/dashboard

/dashboard later. And when sign out and back in, I don't have this issue.

Expected behavior:
After signing in I get redirected to

/dashboard

/dashboard

/dashboard

/dashboard and stay there

Code

return createAuthEndpoint(
    "/strapi-auth/sign-in",
    {
        method: "POST",
        body: z.object({
            identifier: z.string(),
            password: z.string(),
            callbackUrl: z.string().optional(),
        }),
    },
    async (ctx) => {
        const { identifier, password, callbackUrl } = ctx.body;
        
        // Do setSessionCookie and other stuff

        return ctx.json({
            redirect: !!callbackUrl,
            url: callbackUrl,
            user,
            session,
            strapiJwt // Return Strapi JWT for making Strapi API calls
        });
    }
)

return createAuthEndpoint(
    "/strapi-auth/sign-in",
    {
        method: "POST",
        body: z.object({
            identifier: z.string(),
            password: z.string(),
            callbackUrl: z.string().optional(),
        }),
    },
    async (ctx) => {
        const { identifier, password, callbackUrl } = ctx.body;
        
        // Do setSessionCookie and other stuff

        return ctx.json({
            redirect: !!callbackUrl,
            url: callbackUrl,
            user,
            session,
            strapiJwt // Return Strapi JWT for making Strapi API calls
        });
    }
)

return createAuthEndpoint(
    "/strapi-auth/sign-in",
    {
        method: "POST",
        body: z.object({
            identifier: z.string(),
            password: z.string(),
            callbackUrl: z.string().optional(),
        }),
    },
    async (ctx) => {
        const { identifier, password, callbackUrl } = ctx.body;
        
        // Do setSessionCookie and other stuff

        return ctx.json({
            redirect: !!callbackUrl,
            url: callbackUrl,
            user,
            session,
            strapiJwt // Return Strapi JWT for making Strapi API calls
        });
    }
)

return createAuthEndpoint(
    "/strapi-auth/sign-in",
    {
        method: "POST",
        body: z.object({
            identifier: z.string(),
            password: z.string(),
            callbackUrl: z.string().optional(),
        }),
    },
    async (ctx) => {
        const { identifier, password, callbackUrl } = ctx.body;
        
        // Do setSessionCookie and other stuff

        return ctx.json({
            redirect: !!callbackUrl,
            url: callbackUrl,
            user,
            session,
            strapiJwt // Return Strapi JWT for making Strapi API calls
        });
    }
)

TellusionOP•12/18/25, 9:30 AM

Redirect is triggered before session is available

Redirect is triggered before session is available

Similar Threads

Similar Threads

Similar Threads