fix: redirect new users to onboarding from plugin connect page

[vorflux]

Problem

New users arriving at /auth/connect (e.g. from the OpenCode CLI plugin) have no organization yet. The "Approve Connection" button's handleConnect function had a silent guard:

if (!session || !org) return  // silent return -- no error, no feedback

This caused the button to do absolutely nothing for new users. PostHog session recordings show users rage-clicking "Approve Connection" 8+ times across 5+ minutes with zero feedback, eventually giving up or stumbling into onboarding by accident.

Evidence from PostHog:

• Session 019dcf46 (ramonpg91@gmail.com): 110 clicks, 8 rage-click events on "Approve Connection" over 5 minutes. User only discovered onboarding after navigating away.
• Session 019de4cd (zongsi@wherobots.com): Same pattern -- 54 clicks, 2 rage-click events, 22-minute session for what should be a 30-second flow.
• 5 connect-related sessions in the last 10 days, multiple showing 0 clicks (likely abandoned).

Root cause: The /auth/connect page sits outside the (app) route group, so it doesn't have the EnsureWorkspace wrapper that redirects org-less users to onboarding on all other pages.

Solution

1. Detect new users on the connect page and automatically redirect them to onboarding, stashing the full connect URL in sessionStorage.

2. After onboarding completes, all completion/skip paths now check sessionStorage for a pending connect URL and redirect back to it instead of "/". This covers:

   • New onboarding page (apps/web/app/(app)/onboarding/page.tsx): "Skip for now", "Go to home", and error-state "Skip for now" buttons
   • Old onboarding: finishOnboarding() in setup layout
   • InitialHeader.handleSkip() (still used in login page)

3. Show a proper error message instead of silently returning when session or org is missing and the user clicks "Approve Connection".

4. Wait for full auth state (isRestoring, organizations) before showing the connect card, preventing existing users from seeing a false error while their org is still being restored.

Changes

• apps/web/app/auth/connect/page.tsx -- Added redirect-to-onboarding useEffect, isAuthLoading guard, error message for missing org. Updated redirect target to /onboarding (new onboarding page).
• apps/web/app/(app)/onboarding/page.tsx -- All 3 exit paths ("Skip for now", "Go to home", error "Skip for now") now use consumePendingConnectUrl() to redirect back to the connect page if pending.
• apps/web/app/(app)/old/onboarding/setup/layout.tsx -- finishOnboarding() checks for pending connect URL (old onboarding flow, kept for compatibility).
• apps/web/components/initial-header.tsx -- handleSkip() checks for pending connect URL (still used in login page).
• apps/web/components/onboarding/setup/header.tsx -- handleSkip() checks for pending connect URL.
• apps/web/components/onboarding/setup/integrations-step.tsx -- handleContinue() checks for pending connect URL.
• apps/web/lib/constants.ts -- New shared PENDING_CONNECT_URL_KEY constant and consumePendingConnectUrl() helper.
• apps/web/lib/__tests__/constants.test.ts -- 7 unit tests for the helper.

Testing

Unit Tests

Command: bunx vitest run apps/web/lib/__tests__/constants.test.ts
Result: 7/7 PASS

✓ returns null when no pending URL is stored
✓ returns the relative path + query when a full URL is stored
✓ includes the hash fragment if present
✓ removes the stored key after consumption
✓ returns null and logs a warning when sessionStorage throws
✓ returns null when the stored value is not a valid URL
✓ returns only pathname when URL has no query or hash

Type Checking

Command: npx tsc --noEmit (in apps/web)
Result: PASS -- no new type errors (pre-existing errors in unrelated files confirmed present on main)

Lint / Format

Command: bunx biome check on all changed files
Result: PASS -- no issues

Browser Testing

Test	Description	Method	Result
TC1	New-user redirect to onboarding	Code inspection	VERIFIED
TC2	consumePendingConnectUrl returns correct relative path	Browser	PASS
TC2b	All onboarding exit paths call consumePendingConnectUrl	Code inspection	VERIFIED
TC3	Existing user sees connect card with Approve button	Browser	PASS
TC4	No-org error shows "not fully set up" message	Browser	PASS
TC5	sessionStorage key absent after first consume	Browser	PASS
TC6	No-session guard: stays on connect page, no redirect	Browser	PASS

Note: TC1 (full new-user redirect flow) requires a real authenticated session with zero orgs, which is unavailable without the production backend. The logic was verified via code inspection -- the useEffect guard chain is exhaustive and the shouldRedirectToOnboarding boolean prevents the connect card from flashing.

---

Session Details

• Session: View Session
• Requested by: Mahesh Sanikommu (mahesh@supermemory.com)
• Address comments on this PR. Add (aside) to your comment to have me ignore it.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
✅ Deployment successful! View logs	supermemory-mcp	0f3f17b	May 04 2026, 06:45 PM

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	supermemory-app	0f3f17b	Commit Preview URL Branch Preview URL	May 04 2026, 06:46 PM