Fix managed-mode relogin race + style topup CTA as amber button#101
Merged
Conversation
Defaulting to mode='local' on the first failed /api/config response caused a confusing login screen for managed-mode users post-relogin: the user was already authenticated via the gateway, but BD Core booted faster than its own fastify routes responded, getConfig() failed open to local, and App.tsx routed to the auth screen. Retry budget: 5 attempts with exponential backoff (~7.5s total). After that we still fall through to local — that's correct for genuine local installs where /api/config legitimately 404s. The gateway side also probes /api/config before redirecting (defense-in-depth), so reaching the fallback at all should be rare in managed mode. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Was rendering as plain muted text — easy to miss next to the credits balance. Match the existing Buy Credits button's golden accent theme (bg-bd-amber + bg-bd-bg-primary text + amber-hover) so it reads as a clear affordance to expand the topup form. Same Tailwind tokens as the actual Buy Credits button (slightly less prominent — no extra padding, just the inline + glyph) so visual hierarchy still distinguishes "show form" from "complete purchase". Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
getConfigretries before defaulting to local mode — closes a race where managed-mode users land on BD Core's own login screen after a relogin (gateway already authed them, but the SPA boots fasterthan its own fastify routes,
/api/configreturns 502/timeout once, and the old code immediately fell through tomode: "local"→ AuthFlow shows the password sign-in screen).bg-bd-ambertoken family as the existing "Buy Credits"submit button so the affordance matches the rest of the topup flow.
Context
Reproduced on the hosted gateway:
//api/configbefore fastify routes are ready → response 502 / network errorgetConfig()catches → returns hardcoded{ mode: "local", ... }App.tsxseesmode !== "managed"→ renders<AuthFlow>→ user sees a BrainDrive login form they shouldn't ever see in managed mode ❌Fix retries
/api/config5 times with exponential backoff (0, 500, 1000, 2000, 4000ms — ~7.5s total) before falling through. After the retry budget is exhausted we still default tolocalbecausethat's the safe choice for genuine local installs where
/api/configlegitimately 404s.The hosted gateway side has a paired change that also probes
/api/configbefore redirecting from the auth-handoff page — defense in depth so any new entry path into BD Core (deep links, bookmarks) getsthe same protection without going through the handoff UI.