Skip to content

fix(ui): redirect signed-in users forward from factor-two #7788

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
nikosdouvlis wants to merge 4 commits into
base: main
Choose a base branch
from
Open

fix(ui): redirect signed-in users forward from factor-two #7788

nikosdouvlis wants to merge 4 commits into from
+39 −2

Conversation

@nikosdouvlis
Copy link
Member

@nikosdouvlis nikosdouvlis commented Feb 6, 2026
edited by coderabbitai bot
Loading

Summary

Follow-up to #7774. Builds on the infinite spinner fix by improving the redirect behavior for multi-session apps.

When a signed-in user lands on factor-two without a pending 2FA session (e.g. the dashboard reloads after successful verification), the previous fix redirected back to sign-in start which isn't ideal since the user is already authenticated.

This changes the behavior so that:

  • Signed-in users with no pending 2FA get redirected forward to afterSignInUrl
  • Users who aren't signed in still get redirected back to sign-in start

This is experimental - we want to verify on the dashboard before deciding whether to keep it.

Test plan

  • Navigate to /sign-in#/factor-two while signed in on a multi-session app - should redirect to afterSignInUrl
  • Navigate to /sign-in#/factor-two while signed out - should redirect to sign-in start
  • Normal 2FA sign-in flow still works as expected

Summary by CodeRabbit

  • Bug Fixes

    • Fixed infinite loading spinner when accessing the two-factor authentication sign-in route without an active 2FA session.

  • Changes

    • Updated redirect behavior: signed-in users landing on the two-factor authentication page without an active session now redirect to the sign-in completion URL instead of returning to sign-in start.

@nikosdouvlis
fix(ui): prevent infinite spinner on factor-two without active 2FA se…
6b510af 
…ssion

Why:
Users navigating directly to /sign-in#/factor-two without an active
sign-in requiring 2FA would see an infinite loading spinner because
there was no status check to redirect them back to sign-in start.

What changed:
Added useEffect to SignInFactorTwo that redirects to sign-in start
when signIn.status is null, needs_identifier, or needs_first_factor.
Matches the existing pattern in SignInFactorOne.

Key detail: dependency array only includes __internal_setActiveInProgress
(not signIn.status) to avoid triggering redirect during valid sign-in
completion when status changes to null.
@nikosdouvlis
chore(repo): downgrade subject-case commitlint rule to warning
aecc1b5 
Acronyms like 2FA, SSO, JWT in commit subjects trigger false positives
with the strict case check.
@nikosdouvlis
fix(ui): redirect signed-in users forward from factor-two
69d2d18 
When a signed-in user lands on factor-two without a pending 2FA
(e.g. page reload after successful verification in a multi-session app),
redirect to afterSignInUrl instead of back to sign-in start.
@nikosdouvlis
fix(ui): add changeset for factor-two redirect enhancement
b1bbe99
@vercel
Copy link

vercel bot commented Feb 6, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
clerk-js-sandbox Ready Ready Preview, Comment Feb 6, 2026 0:14am

Request Review

@changeset-bot
Copy link

changeset-bot bot commented Feb 6, 2026

🦋 Changeset detected

Latest commit: b1bbe99

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages
Name Type
@clerk/ui Patch
@clerk/chrome-extension Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@github-actions github-actions bot added the core-3 label Feb 6, 2026
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Feb 6, 2026

📝 Walkthrough

Walkthrough

This pull request introduces routing improvements and bug fixes for the factor-two sign-in flow in the @clerk/ui package. Two changeset entries were added documenting patch-level updates: one addressing redirect behavior for signed-in users accessing factor-two without an active 2FA session, and another fixing an infinite loading spinner issue on the same route. The SignInFactorTwo component was updated with client-side redirect logic that evaluates the authentication state on mount and directs users appropriately based on their sign-in status. Additionally, the commitlint configuration was adjusted to treat subject-case violations as warnings rather than errors.

🚥 Pre-merge checks | ✅ 2 | ❌ 1
❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The pull request title 'fix(ui): redirect signed-in users forward from factor-two' clearly and specifically summarizes the main change: redirecting authenticated users away from the factor-two route to the afterSignInUrl instead of back to sign-in start.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Comment @coderabbitai help to get the list of available commands and usage tips.

@pkg-pr-new
Copy link

pkg-pr-new bot commented Feb 6, 2026

Open in StackBlitz

@clerk/agent-toolkit

npm i https://pkg.pr.new/@clerk/agent-toolkit@7788

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@7788

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@7788

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@7788

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@7788

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@7788

@clerk/expo

npm i https://pkg.pr.new/@clerk/expo@7788

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@7788

@clerk/express

npm i https://pkg.pr.new/@clerk/express@7788

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@7788

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@7788

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@7788

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@7788

@clerk/react

npm i https://pkg.pr.new/@clerk/react@7788

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@7788

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@7788

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@7788

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@7788

@clerk/ui

npm i https://pkg.pr.new/@clerk/ui@7788

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@7788

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@7788

commit: b1bbe99

@nikosdouvlis nikosdouvlis changed the base branch from main to nikos/fix-factor-two-infinite-spinner February 6, 2026 12:27
Base automatically changed from nikos/fix-factor-two-infinite-spinner to main February 11, 2026 10:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

core-3

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@nikosdouvlis