Skip to content

fix(ui): redirect signed-in users forward from factor-two#7788

Open
nikosdouvlis wants to merge 4 commits intomainfrom
nikos/factor-two-redirect-signed-in-forward
Open

fix(ui): redirect signed-in users forward from factor-two#7788
nikosdouvlis wants to merge 4 commits intomainfrom
nikos/factor-two-redirect-signed-in-forward

Conversation

@nikosdouvlis
Copy link
Member

@nikosdouvlis nikosdouvlis commented Feb 6, 2026
edited by coderabbitai bot
Loading

Summary

Follow-up to #7774. Builds on the infinite spinner fix by improving the redirect behavior for multi-session apps.

When a signed-in user lands on factor-two without a pending 2FA session (e.g. the dashboard reloads after successful verification), the previous fix redirected back to sign-in start which isn't ideal since the user is already authenticated.

This changes the behavior so that:

  • Signed-in users with no pending 2FA get redirected forward to afterSignInUrl
  • Users who aren't signed in still get redirected back to sign-in start

This is experimental - we want to verify on the dashboard before deciding whether to keep it.

Test plan

  • Navigate to /sign-in#/factor-two while signed in on a multi-session app - should redirect to afterSignInUrl
  • Navigate to /sign-in#/factor-two while signed out - should redirect to sign-in start
  • Normal 2FA sign-in flow still works as expected

Summary by CodeRabbit

  • Bug Fixes

    • Fixed infinite loading spinner when accessing the two-factor authentication sign-in route without an active 2FA session.

  • Changes

    • Updated redirect behavior: signed-in users landing on the two-factor authentication page without an active session now redirect to the sign-in completion URL instead of returning to sign-in start.

@nikosdouvlis
fix(ui): prevent infinite spinner on factor-two without active 2FA se…
6b510af 
…ssion

Why:
Users navigating directly to /sign-in#/factor-two without an active
sign-in requiring 2FA would see an infinite loading spinner because
there was no status check to redirect them back to sign-in start.

What changed:
Added useEffect to SignInFactorTwo that redirects to sign-in start
when signIn.status is null, needs_identifier, or needs_first_factor.
Matches the existing pattern in SignInFactorOne.

Key detail: dependency array only includes __internal_setActiveInProgress
(not signIn.status) to avoid triggering redirect during valid sign-in
completion when status changes to null.
@nikosdouvlis
chore(repo): downgrade subject-case commitlint rule to warning
aecc1b5 
Acronyms like 2FA, SSO, JWT in commit subjects trigger false positives
with the strict case check.
@nikosdouvlis
fix(ui): redirect signed-in users forward from factor-two
69d2d18 
When a signed-in user lands on factor-two without a pending 2FA
(e.g. page reload after successful verification in a multi-session app),
redirect to afterSignInUrl instead of back to sign-in start.
@nikosdouvlis
fix(ui): add changeset for factor-two redirect enhancement
b1bbe99
@vercel
Copy link

vercel bot commented Feb 6, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
clerk-js-sandbox Ready Ready Preview, Comment Feb 6, 2026 0:14am

Request Review

@changeset-bot
Copy link

changeset-bot bot commented Feb 6, 2026

🦋 Changeset detected

Latest commit: b1bbe99

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages
Name Type
@clerk/ui Patch
@clerk/chrome-extension Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@github-actions github-actions bot added the core-3 label Feb 6, 2026
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Feb 6, 2026

📝 Walkthrough

Walkthrough

This pull request introduces routing improvements and bug fixes for the factor-two sign-in flow in the @clerk/ui package. Two changeset entries were added documenting patch-level updates: one addressing redirect behavior for signed-in users accessing factor-two without an active 2FA session, and another fixing an infinite loading spinner issue on the same route. The SignInFactorTwo component was updated with client-side redirect logic that evaluates the authentication state on mount and directs users appropriately based on their sign-in status. Additionally, the commitlint configuration was adjusted to treat subject-case violations as warnings rather than errors.

🚥 Pre-merge checks | ✅ 2 | ❌ 1
❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The pull request title 'fix(ui): redirect signed-in users forward from factor-two' clearly and specifically summarizes the main change: redirecting authenticated users away from the factor-two route to the afterSignInUrl instead of back to sign-in start.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Comment @coderabbitai help to get the list of available commands and usage tips.

@pkg-pr-new
Copy link

pkg-pr-new bot commented Feb 6, 2026

Open in StackBlitz

@clerk/agent-toolkit

npm i https://pkg.pr.new/@clerk/agent-toolkit@7788

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@7788

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@7788

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@7788

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@7788

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@7788

@clerk/expo

npm i https://pkg.pr.new/@clerk/expo@7788

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@7788

@clerk/express

npm i https://pkg.pr.new/@clerk/express@7788

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@7788

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@7788

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@7788

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@7788

@clerk/react

npm i https://pkg.pr.new/@clerk/react@7788

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@7788

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@7788

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@7788

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@7788

@clerk/ui

npm i https://pkg.pr.new/@clerk/ui@7788

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@7788

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@7788

commit: b1bbe99

@nikosdouvlis nikosdouvlis changed the base branch from main to nikos/fix-factor-two-infinite-spinner February 6, 2026 12:27
Base automatically changed from nikos/fix-factor-two-infinite-spinner to main February 11, 2026 10:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

core-3

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@nikosdouvlis