mirror of
https://github.com/photoprism/photoprism.git
synced 2026-07-17 16:49:04 +00:00
Frontend: Document login.next and login.logout in common README #5506
This commit is contained in:
parent
1b95b8e043
commit
1647cbfe88
1 changed files with 2 additions and 1 deletions
|
|
@ -1,6 +1,6 @@
|
|||
## View Helper Guidelines
|
||||
|
||||
**Last Updated:** March 8, 2026
|
||||
**Last Updated:** May 19, 2026
|
||||
|
||||
### Focus Management
|
||||
|
||||
|
|
@ -17,6 +17,7 @@ When integrating third-party clients such as native mobile apps that embed the P
|
|||
- Storage keys are namespaced per app site via `storageNamespace` and use the format `pp:<storageNamespace>:<key>`. When no namespace is available, the fallback prefix is `pp:root:`.
|
||||
- Session restore requires both `session.token` and `session.id`. A token-only write does not create an authenticated session state during startup.
|
||||
- Optional session metadata keys are `session.provider`, `session.user`, `session.scope`, `session.data`, and `session.error`.
|
||||
- The login-flow keys `login.next` and `login.logout` live in namespaced `localStorage` outside the `session.*` prefix so they survive the OIDC callback's clear list. `login.next` is the deep-link target captured by the global router guard via `$session.setLoginRedirectUrl(to.href)`; the `/login` route reads it through `$session.hasLoginRedirectUrl()` (deep-link arrival signal) and consumes it with `$session.followLoginRedirectUrl()` after authentication. `login.logout` is a one-shot raised by every logout path so the very next deep-link arrival skips the auto-OIDC bounce, letting users sign in locally instead.
|
||||
- The storage preference flag is always stored in namespaced `localStorage` under `session`. A value of `"true"` tells the app to use namespaced `sessionStorage` for the active session; any other value falls back to namespaced `localStorage`.
|
||||
- `Session` must resolve `storageNamespace` from the actual client config shape used at runtime. In production, that value may be present on `config.values.storageNamespace` even when a direct `config.storageNamespace` property is absent.
|
||||
- The OIDC callback template clears legacy global auth/session payload keys and namespaced session data keys from `localStorage` and `sessionStorage`, but preserves the `session` storage-preference flag so OIDC flows using ephemeral `sessionStorage` remain logged in after redirect.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue