Fix flaky auth test with console error "Failed to fetch" (#3287)

package.json

@@ -69,7 +69,7 @@
     "format-util": "1.0.5",
     "globby": "14.0.1",
     "jsdom": "24.0.0",
-    "lerna": "8.1.2",
+    "lerna": "7.4.2",
     "markdownlint-cli2": "0.12.1",
     "prettier": "3.2.5",
     "pretty-quick": "4.0.0",

packages/create-toolpad-app/tests/index.spec.ts

@@ -35,8 +35,7 @@ async function waitForMatch(input: Readable, regex: RegExp): Promise<RegExpExecA
   });
 }
 
-// @TODO: Unskip once @toolpad/studio is released for the first time.
-test.skip(
+test(
   'create-toolpad-app can bootstrap a Toolpad Studio app',
   async () => {
     testDir = await fs.mkdtemp(path.resolve(os.tmpdir(), './test-app-'));

packages/toolpad-studio/src/runtime/SignInPage.tsx

@@ -70,7 +70,7 @@ export default function SignInPage() {
   React.useEffect(() => {
     const authError = urlParams.get(AUTH_ERROR_URL_PARAM);
 
-    if (authError === 'AuthorizedCallbackError') {
+    if (authError === 'AuthorizedCallbackError' || authError === 'CredentialsSignin') {
       setErrorSnackbarMessage('Access unauthorized.');
     } else if (authError === 'CallbackRouteError') {
       setErrorSnackbarMessage(

packages/toolpad-studio/src/server/auth.ts

@@ -279,9 +279,16 @@ export async function createRequireAuthMiddleware(project: ToolpadProject) {
 
     const isPageRequest = req.get('sec-fetch-dest') === 'document';
     const signInPath = `${base}/signin`;
+    const editorPath = `${base}/editor`;
+
+    const requestPath = req.originalUrl.split('?')[0];
 
     let isAuthorized = true;
-    if ((!project.options.dev || isPageRequest) && req.originalUrl.split('?')[0] !== signInPath) {
+    if (
+      (!project.options.dev || isPageRequest) &&
+      !requestPath.startsWith(signInPath) &&
+      !requestPath.startsWith(editorPath)
+    ) {
       const token = await getUserToken(req);
       if (!token) {
         isAuthorized = false;