Authorize page logged-in state

[kentcdodds]

Enable logged-in users to approve OAuth connections without re-entering credentials on the authorize page.

This improves user experience by displaying a signed-in banner and offering a direct "Approve connection" option when a session already exists, instead of prompting for re-login.

---

 

---

Note

Medium Risk
Changes the OAuth authorization approval path and relies on cookie-based session parsing, which could affect authorization behavior if session validation/env secrets are misconfigured.

Overview
The OAuth authorize flow now detects an existing signed-in session and lets users approve a connection without re-entering email/password, including updated UI states (session-checking banner, signed-in callout, and an "Approve connection" label).

On the worker side, handleAuthorizeRequest accepts approval when either valid form credentials are provided or a valid auth session cookie is present, and passes the session email through to completeAuthorization; tests and env setup were updated to cover the session-cookie approval path.

Client session fetching logic was deduplicated into a new client/session.ts helper and reused by App and the authorize page.

^{Written by Cursor Bugbot for commit 3d73686. This will update automatically on new commits. Configure here.}

[cursor]

Cursor Agent can help with this pull request. Just @cursor in comments and I'll start working on changes in this branch.
_{Learn more about Cursor Agents}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is ON. A Cloud Agent has been kicked off to fix the reported issue.}

[cursor]

Bugbot Autofix prepared fixes for 1 of the 1 bugs found in the latest run.

• ✅ Fixed: Duplicated session-loading logic across two components
  • Extracted shared session types and fetch logic into a helper used by both components to remove duplication and keep behavior consistent.