The Bicyblex admin dashboard is protected by Supabase session-based authentication. Every visit toDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/bicyblex/bicyblexStore/llms.txt
Use this file to discover all available pages before exploring further.
/dashboard triggers an async session check before any dashboard UI is painted. If no valid Supabase session is found, the visitor is automatically redirected to /login — there is no way to access the dashboard content without first authenticating. The entire auth flow is handled client-side inside the DashboardCentral component using the Supabase JavaScript client.
How authentication works
When a user navigates to/dashboard, the page component DashboardCentral mounts and immediately runs an auth check inside a useEffect hook. The check calls supabase.auth.getSession(), which returns the active session from the Supabase client’s local storage cache.
The flow proceeds as follows:
- User navigates to
/dashboard DashboardCentralmounts and theuseEffectfiressupabase.auth.getSession()is called asynchronously- If no session is returned →
router.push('/login')redirects the user immediately - If a session is found →
setUser(session.user)stores the user object andsetCheckingAuth(false)clears the loading state, revealing the dashboard
src/components/dashboard/dashboard.jsx and runs on every dashboard page mount, including after browser refreshes.
Logging in
The/login route renders the <Login> component (src/components/login/login). Submit your admin credentials through the login form, and upon success Supabase writes the session to local storage. The next navigation to /dashboard will pass the session check.
To create an admin user account, use the Supabase Dashboard directly — do not expose user creation through any public-facing API endpoint:
- Open your project in the Supabase Dashboard
- Navigate to Authentication → Users
- Click Add user and provide an email and password
- The new user can immediately log in at
/login
Logging out
The dashboard sidebar contains a Cerrar sesión button at the bottom. Clicking it callssupabase.auth.signOut() to invalidate the session, then redirects to /login:
/dashboard will fail the session check and redirect back to /login.
Auth during loading
While the session check is in progress (checkingAuth === true), DashboardCentral renders a full-screen loading state instead of the dashboard layout. This prevents any flash of dashboard content before the auth check resolves:
checkingAuth state starts as true and is set to false only after a valid session is confirmed. A failed session check redirects before checkingAuth is ever cleared.
