Highlights
The OAuth consent screen — the page you see when a service like ChatGPT asks for permission to read your solar data — now lives in the same Nuxt SPA as the rest of the app. Same amber/orange palette, same dark mode, same components. Internally it was a standalone HTML page; now it's a real page on the site.
What's new
Native consent screen
- New
/connect/authorizepage renders inside the app shell with the sameUCard/UButton/ dark-mode treatment used everywhere else. - The page shows the requesting application's name, your account, and the permissions being granted. Authorize redirects back to the client with an access code; Cancel denies the request.
- Approving still goes through Passport server-side — nothing about the OAuth security model changes; only the UI moved.
Better login redirects
- Hitting a server-rendered route (like
/oauth/authorizeor/horizon) when you're signed out now bounces you to the Nuxt sign-in page with a?redirect_to=parameter. After you sign in, you're sent right back to where you were going. - The login form validates the redirect target so only same-origin URLs are honored.
Cleanup
- The temporary Blade fallback consent view added in v1.2.4 is gone — there's only one consent UI now, and it's part of the SPA.