From 826561c33d6871ea63739464437660adb3c353c4 Mon Sep 17 00:00:00 2001
From: aadesh18 <110230993+aadesh18@users.noreply.github.com>
Date: Thu, 2 Apr 2026 17:14:06 -0700
Subject: [PATCH] Session not found/expired bug fix (#1212)

When you click on a saved account (like "admin@example.com"), the login
form is automatically submitted. But if you then also click the "Sign
In" button (or click the account a second time), a second login attempt
is sent, even though the first one already completed. The second attempt
then fails because the login session it's trying to use is already gone,
causing the "Session not found" error.


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Improved form submission handling on the login page to prevent
duplicate sign-in attempts from rapid user actions or accidental
double-clicks. The form now ensures only one submission occurs per
session.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---
 apps/mock-oauth-server/src/index.ts | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/apps/mock-oauth-server/src/index.ts b/apps/mock-oauth-server/src/index.ts
index 717535f25..4fdec8fd5 100644
--- a/apps/mock-oauth-server/src/index.ts
+++ b/apps/mock-oauth-server/src/index.ts
@@ -211,6 +211,11 @@ const loginTemplateSource = `
           // Get the form element to submit later
           const form = document.querySelector('form');
           if (!form) return;
+          let submitted = false;
+          const submitOnce = () => {
+            if (submitted) return;
+            form.requestSubmit();
+          };
         
           // Render the list of stored accounts and add direct submission on click.
           const renderStoredAccounts = () => {
@@ -237,7 +242,7 @@ const loginTemplateSource = `
                 card.addEventListener('click', () => {
                   const selectedEmail = card.getAttribute('data-email') || '';
                   emailInput.value = selectedEmail;
-                  form.submit();
+                  submitOnce();
                 });
               });
             } else {
@@ -247,8 +252,12 @@ const loginTemplateSource = `
         
           renderStoredAccounts();
         
-          // On form submission, store the email if it's not already stored.
-          form.addEventListener('submit', () => {
+          form.addEventListener('submit', (e) => {
+            if (submitted) {
+              e.preventDefault();
+              return;
+            }
+            submitted = true;
             const email = emailInput.value.trim();
             if (email && !storedAccounts.includes(email)) {
               storedAccounts.push(email);