feat(auth): env-guarded custom Ory Elements flow pages (all four flows)#428
Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
huv1k
force-pushed
the
huv1k/ory-flows-env-guarded-pages
branch
from
228dbff to
21b0df7
Compare
huv1k
force-pushed
the
huv1k/ory-flows-env-guarded-pages
branch
from
433cf42 to
63d4c56
Compare
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 63d4c564cc
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
drankou
reviewed
Jun 17, 2026
drankou
reviewed
Jun 17, 2026
huv1k
force-pushed
the
huv1k/ory-flows-env-guarded-pages
branch
from
63d4c56 to
5e32d36
Compare
Render the login, registration, recovery, and verification self-service flows with a custom @ory/elements-react UI served same-origin, so the whole flow (including preview deployments) stays on the visiting host. Gated by NEXT_PUBLIC_ORY_CUSTOM_UI: enabled on Preview + Staging; on Production (unset) the pages redirect to the existing /sign-in, /sign-up, /forgot-password. The same-origin Ory SDK proxy (/self-service, /sessions/ whoami, …) is gated by the same flag, so the Auth.js + Hydra path is untouched in production. Adds @ory/elements-react + @ory/nextjs, src/configs/ory.ts, the component overrides (incl. a single-input CodeInput for recovery/verification codes and <title>s on the SSO logos), and flow-aware card header/footer. Inlines @ory/nextjs in the vitest config so its extensionless next/server import resolves under tests.
huv1k
force-pushed
the
huv1k/ory-flows-env-guarded-pages
branch
from
5e32d36 to
e7bc5c2
Compare
drankou
approved these changes
Jun 17, 2026
This was referenced Jun 17, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Renders the login, registration, recovery, and verification Ory self-service flows with a custom
@ory/elements-reactUI served same-origin, so the whole flow (including preview deployments) stays on the visiting host. Gated byNEXT_PUBLIC_ORY_CUSTOM_UI: enabled on Preview + Staging, while on Production (unset) the pages redirect to the existing/sign-in,/sign-up,/forgot-password— and the gated same-origin Ory SDK proxy (/self-service,/sessions/whoami, …) is inert there, so the Auth.js + Hydra path is untouched. Extracts the UI from #414, extends it to all four flows (like #427), and swaps #414's PostHog gate for the plain env var. Adds@ory/elements-react+@ory/nextjs,src/configs/ory.ts, the component overrides (including a single-inputCodeInputand flow-aware card header/footer), and the four flow pages.Follow-ups (not in this PR): the
@ory/nextjspreview-host patch (so the SDK URL honors the request host on Vercel previews rather thanVERCEL_URL) is intentionally left out and will land separately. Ory/Hydra's server-side*_ui_urlmust also point at the dashboard origin for staging/preview to route here (terraformenable_custom_auth_ui); setNEXT_PUBLIC_ORY_CUSTOM_UI=true+NEXT_PUBLIC_ORY_SDK_URLin those envs.