Skip to content

fix: Check super admin status before signup flow redirect #674

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
bokelley merged 1 commit into from
Oct 31, 2025
Merged

fix: Check super admin status before signup flow redirect #674

bokelley merged 1 commit into from
Oct 31, 2025

Conversation

@bokelley
Copy link
Contributor

@bokelley bokelley commented Oct 31, 2025

Problem

Super admins (like bokelley@scope3.com) were being redirected to the signup/onboarding flow even when they had valid admin credentials. This was because the signup flow check happened BEFORE the super admin check in the OAuth callback.

Solution

This PR fixes the authentication flow by:

  1. Checking super admin status FIRST (before checking signup flow)
  2. Clearing any signup flow session state for super admins
  3. Ensuring super admins always get admin dashboard access

Changes

  • Reordered authentication checks in src/admin/blueprints/auth.py
  • Super admin check now happens at lines 262-273 (before signup flow)
  • Added session cleanup (session.pop('signup_flow')) for super admins
  • Signup flow check moved to lines 275-279 (only for non-super-admin users)

Testing

  • ✅ All unit tests passing (861 passed, 7 skipped)
  • ✅ Integration tests passing (124 passed, 1 environmental DB error unrelated to auth)
  • ✅ Pre-commit hooks passing

Production Secrets Updated

Also updated Fly.io production secrets:

  • SUPER_ADMIN_EMAILS=bokelley@scope3.com
  • SUPER_ADMIN_DOMAINS=scope3.com

Action Required

After merging:

  1. Clear browser cookies for sales-agent.scope3.com
  2. Login at https://sales-agent.scope3.com/admin/login
  3. Should see "Welcome [Name]! (Super Admin)" and admin dashboard

@bokelley @claude
fix: Check super admin status before signup flow redirect
710cfc8 
Super admins were being redirected to the signup/onboarding flow
even when they had valid admin credentials. This fix:

1. Checks super admin status BEFORE checking signup flow
2. Clears any signup flow session state for super admins
3. Ensures super admins always get admin dashboard access

Fixes issue where bokelley@scope3.com couldn't access admin UI
and was being redirected to signup instead.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@bokelley bokelley merged commit e5dfb8d into main Oct 31, 2025
10 checks passed
@github-actions github-actions bot mentioned this pull request Nov 7, 2025
Merged
danf-newton pushed a commit to Newton-Research-Inc/salesagent that referenced this pull request Nov 24, 2025
@bokelley @claude
fix: Check super admin status before signup flow redirect (adcontextp…
43d0f30 
…rotocol#674)

Super admins were being redirected to the signup/onboarding flow
even when they had valid admin credentials. This fix:

1. Checks super admin status BEFORE checking signup flow
2. Clears any signup flow session state for super admins
3. Ensures super admins always get admin dashboard access

Fixes issue where bokelley@scope3.com couldn't access admin UI
and was being redirected to signup instead.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bokelley