Fix login race condition: don't call checkAuth after successful login

src/app/_components/AuthProvider.tsx

@@ -97,7 +97,6 @@ export function AuthProvider({ children }: AuthProviderProps) {
 
   const checkAuth = useCallback(() => {
     return checkAuthInternal(0);
-     
   }, []);
 
   const login = async (
@@ -115,17 +114,18 @@ export function AuthProvider({ children }: AuthProviderProps) {
       });
 
       if (response.ok) {
-        const data = (await response.json()) as { username: string };
+        const data = (await response.json()) as {
+          username: string;
+          expirationTime?: number;
+        };
         setIsAuthenticated(true);
         setUsername(data.username);
-
+        // Set expiration time from login response if available
-        // Check auth again to get expiration time
+        if (data.expirationTime) {
-        // Add a small delay to ensure the httpOnly cookie is available
+          setExpirationTime(data.expirationTime);
-        await new Promise<void>((resolve) => {
+        }
-          setTimeout(() => {
+        // Don't call checkAuth after login - we already know we're authenticated
-            void checkAuth().then(() => resolve());
+        // The cookie is set by the server response
-          }, 150);
-        });
         return true;
       } else {
         const errorData = await response.json();

src/app/api/auth/login/route.ts

@@ -41,10 +41,14 @@ export async function POST(request: NextRequest) {
     const sessionDurationDays = authConfig.sessionDurationDays;
     const token = generateToken(username, sessionDurationDays);
 
+    // Calculate expiration time for client
+    const expirationTime = Date.now() + (sessionDurationDays * 24 * 60 * 60 * 1000);
+
     const response = NextResponse.json({ 
       success: true, 
       message: 'Login successful',
-      username 
+      username,
+      expirationTime
     });
 
     // Determine if request is over HTTPS