From 463877b8fcadef04d9b92ea7d8df5194d318682f Mon Sep 17 00:00:00 2001 From: anti Date: Tue, 28 Apr 2026 23:18:39 -0400 Subject: [PATCH] fix(ui): hit /topologies/ with trailing slash to keep bearer MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit FastAPI's redirect_slashes=True 307s /topologies → /topologies/, and the browser drops Authorization on the redirected URL — the topology picker in the canary create modal was landing as 401 even for admins. Hit the canonical (trailing-slash) path so the request resolves on the first hop. --- decnet_web/src/components/CanaryTokens.tsx | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/decnet_web/src/components/CanaryTokens.tsx b/decnet_web/src/components/CanaryTokens.tsx index 2511eb56..28233d82 100644 --- a/decnet_web/src/components/CanaryTokens.tsx +++ b/decnet_web/src/components/CanaryTokens.tsx @@ -868,7 +868,11 @@ const CanaryTokens: React.FC = () => { api.get('/deckies').catch(() => ({ data: [] })), // Active topologies only — planting on a torn-down or pending // topology would 422/404 anyway. Endpoint shape: { data: [...] } - api.get('/topologies?status=active').catch(() => ({ data: { data: [] } })), + // Trailing slash matters: FastAPI's slash-redirect issues a 307 + // and the browser re-fires without the Authorization header, + // landing as 401 on the redirected URL. Hit the canonical + // path (/topologies/) directly. + api.get('/topologies/?status=active').catch(() => ({ data: { data: [] } })), ]); setTokens(t.data.tokens || []); setBlobs(b.data.blobs || []);