Netlify site: https://bejewelled-ganache-8d2d14.netlify.app/
I’m trying to set up a POC for an Astro site, deployed on Netlify, using full SSR and authenticated routes (i.e. some parts of the site are behind a login wall).
We’re also trying to have this microsite accessed via a subpath of another, existing Netlify site e.g. www.mysite.com/astro_poc/
Astro has the ability to do this by setting the base
config option, which we have done. Locally (either running in full Astro development mode, or locally building and accessing via a local Netlify dev server) this works correctly. However, once deployed, there are two issues with the authentication flow.
When a user trys to access a page that requires authentication, we check a cookie. If it is valid, the page renders; if not, they are redirected to the login page. Here, a simple login form is dealt with on the server (using Astros baked in form handling) and, if the authentication is successful, the user is then redirected back to the page they originally tried to acccess.
We do that last part by capturing the original referrer page as a URL search parameter appended to the login page URL e.g. /astro_poc/login?path=/some/page
. Then, on the login page, we grab that search parameter and use it as the value for the success redirect. All of this is using Astro’s baked in redirect and URL manipulation APIs.
Here’s where the bugs creep in: on that final redirect, the resultant URL contains a duplicated base path and the search parameters. So if I try to go to /astro_poc/some/page
without a valid auth cookie, I get bouned to /astro_poc/login?path=/some/page
correctly; I authenticate; and I then get redirected to /astro_poc/astro_poc/some/page?path=/some/page
, which is incorrect.
Weirdly, the correct page still loads, even though the path shown in the browser is now invalid
We’ve tried capturing the redirect URL and stripping the duplication (no effect); hard coding the redirect URL (still duplicates); removing the custom base URL from the redirect argument (no longer works at all); forcing an overwrite of the astro.url
search parameters (we can log these out and see they are blank, but the search parameters persist). But the bugs persist, and cannot be replicated locally.
Could there be some Netlify settings we’re overlooking?