@theptrk theptrk commented Nov 19, 2025

fix(ui): sync user role from API to prevent stale permissions

  Users were experiencing an issue where changing their Global Proxy Role
  required clearing browser cookies to see updated permissions. This was
  caused by the UI caching user_role and user_email from the JWT token
  in cookies, which doesn't refresh when admins update roles in the database.

  Root Cause:
  - JWT tokens are long-lived and cached in browser cookies
  - On page load, UI decoded JWT and set user_role from the token
  - When admins changed a user's role, the database updated but JWT stayed stale
  - UI never synced fresh user_role from /user/info API endpoint despite fetching it
  - Users needed to clear cookies to force new JWT generation with updated role

  This affected 100+ teams with users frequently transitioning from "Internal Viewer"
  to "Internal User" roles when granted admin rights.

  Solution:
  1. UserDashboard component now extracts user_role and user_email from the
     /user/info API response (which queries database) and updates React state
     when values differ from cached JWT values

  2. Main page component now listens for tab visibility changes and refreshes
     user data when tab becomes active, ensuring role changes sync even when
     users leave tabs open for extended periods

  Performance Impact:
  - Zero additional API calls - reuses existing /user/info endpoint
  - Minimal UI flash on initial load (JWT role → API role in milliseconds)
  - Visibility handler only fires when tab becomes active after being hidden

  Testing:
  - Verified role updates sync without cookie clear after admin changes role
  - Confirmed visibility handler updates stale roles when returning to tab
  - No performance degradation observed

  🤖 Generated with [Claude Code](https://claude.com/claude-code)

  Co-Authored-By: Claude <[email protected]>
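
The sync described above, as an added example that is not code from this PR or the project: the role decoded from the cookie JWT is treated as a login-time snapshot for display only, and the database-backed values from `/user/info` replace it whenever they differ, including when a hidden tab becomes visible again. The function names, the flat `{ user_role, user_email }` response shape and the sample token are assumptions constructed for illustration.

```javascript
// Decode the JWT payload for display only; the browser does not verify the
// signature, so these claims must never be used as an authorization decision.
function decodeJwtPayload(token) {
  const part = (token || "").split(".")[1];
  if (!part) throw new Error("malformed JWT");
  return JSON.parse(atob(part.replace(/-/g, "+").replace(/_/g, "/")));
}

// Prefer database-backed values from /user/info over the JWT snapshot.
// Returns the next UI state plus the list of fields that were stale.
function reconcileIdentity(current, apiUserInfo) {
  const next = { ...current };
  const changed = [];
  for (const field of ["user_role", "user_email"]) {
    const fresh = apiUserInfo ? apiUserInfo[field] : undefined;
    // Ignore missing or empty values so a failed fetch cannot blank the state.
    if (typeof fresh === "string" && fresh !== "" && fresh !== current[field]) {
      next[field] = fresh;
      changed.push(field);
    }
  }
  return { next, changed };
}

// Re-run `refresh` when a hidden tab becomes visible again. `doc` is the
// browser's `document`, or any object with the same two members.
function watchVisibility(doc, refresh) {
  const handler = () => { if (doc.visibilityState === "visible") refresh(); };
  doc.addEventListener("visibilitychange", handler);
  return () => doc.removeEventListener("visibilitychange", handler);
}

// Constructed sample token (unsigned placeholder signature, not project data).
function sampleToken(claims) {
  const b64url = (o) => btoa(JSON.stringify(o))
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${b64url({ alg: "HS256", typ: "JWT" })}.${b64url(claims)}.constructed-signature`;
}

function demo() {
  const jwtState = decodeJwtPayload(
    sampleToken({ user_role: "Internal Viewer", user_email: "a@example.test" }));
  // Assumed /user/info result after an admin changed the role in the database.
  const api = { user_role: "Internal User", user_email: "a@example.test" };
  return reconcileIdentity(jwtState, api);
}
```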

vercel bot commented Nov 19, 2025

@theptrk is attempting to deploy a commit to the CLERKIEAI Team on Vercel.

A member of the Team first needs to authorize it.

@CLAassistant

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.
