Skip to content

Fix OIDC users unable to access UI after login#469

Merged
tale merged 5 commits intotale:mainfrom
drifterza:feature/oidc-pending-approval
Feb 26, 2026
Merged

Fix OIDC users unable to access UI after login#469
tale merged 5 commits intotale:mainfrom
drifterza:feature/oidc-pending-approval

Conversation

@drifterza
Copy link
Contributor

@drifterza drifterza commented Feb 24, 2026
edited
Loading

Fixes #458

When new OIDC users log in after the first user, they get the member role with no capabilities. Previously this showed an unhelpful access denied message.

This adds a dedicated pending approval page that:

  • Shows the user their account needs admin approval
  • Lists next steps (admin review, approval notification)
  • Provides the tailscale command to connect devices while waiting
  • Auto-refreshes every 3 seconds to detect when approval is granted
  • Redirects to /machines once the user has access

Also shows "Pending Approval" status in the users list so admins can see who needs approval.

Includes unit tests for the roles system and live data refresh behavior.

Update: Changed from manual refresh button to automatic polling using the existing useLiveData() hook per reviewer feedback.

image

@drifterza drifterza requested a review from tale as a code owner February 24, 2026 13:33
tale
tale requested changes Feb 26, 2026
View reviewed changes
Copy link
Owner

@tale tale left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have a useLiveData() hook (or something similarly named). This would be a good way to automatically check for access and refresh (something which I think should've already been there from the start).

Please switch your implementation to check every 3 seconds instead of explicitly checking to align with the rest of Headplane's UI.

@drifterza
use LiveDataProvider auto-refresh for pending approval page
2e5bb79 
Replaces manual refresh button with automatic 3-second polling.
Adds unit tests for the live data hook behavior.
@drifterza drifterza force-pushed the feature/oidc-pending-approval branch from 1dd9937 to 2e5bb79 Compare February 26, 2026 22:56
@drifterza drifterza requested a review from tale February 26, 2026 22:58
@drifterza
Copy link
Contributor Author

drifterza commented Feb 26, 2026
edited
Loading

We have a useLiveData() hook (or something similarly named). This would be a good way to automatically check for access and refresh (something which I think should've already been there from the start).

Please switch your implementation to check every 3 seconds instead of explicitly checking to align with the rest of Headplane's UI.

@tale : Like this? See description.

@tale
Copy link
Owner

tale commented Feb 26, 2026

Amazing, and I love the unit tests, thank you so much!

@tale tale merged commit 3c5a653 into tale:main Feb 26, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tale tale Awaiting requested review from tale tale is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

OIDC users unable to access UI and Owner cannot modify roles (v0.6.1)

2 participants

@drifterza @tale