Minor auth fixes (#4699)

frontend/src/api/open-hands.ts

@@ -141,9 +141,13 @@ class OpenHands {
    * @returns Response with authentication status and user info if successful
    */
   static async authenticate(): Promise<Response> {
-    return request(`/api/authenticate`, {
-      method: "POST",
-    });
+    return request(
+      `/api/authenticate`,
+      {
+        method: "POST",
+      },
+      true,
+    );
   }
 }
 

frontend/src/routes/oauth.github.callback.tsx

@@ -15,14 +15,6 @@ export const clientLoader = async ({ request }: ClientLoaderFunctionArgs) => {
       await OpenHands.getGitHubAccessToken(code);
 
     localStorage.setItem("ghToken", accessToken);
-    const authResponse = await OpenHands.authenticate();
-    if (!authResponse.ok) {
-      localStorage.removeItem("ghToken");
-      return json(
-        { error: "Failed to authenticate with GitHub" },
-        { status: authResponse.status },
-      );
-    }
 
     return redirect("/");
   }

frontend/src/services/api.ts

@@ -7,6 +7,7 @@ const UNAUTHED_ROUTE_PREFIXES = [
   "/api/authenticate",
   "/api/options/",
   "/config.json",
+  "/api/github/callback",
 ];
 
 export async function request(

openhands/server/github.py

@@ -76,11 +76,9 @@ class UserVerifier:
         return False
 
 
-# Global instance of user verifier
-user_verifier = UserVerifier()
-
-
 async def authenticate_github_user(auth_token) -> bool:
+    user_verifier = UserVerifier()
+
     logger.info('Checking GitHub token')
 
     if not auth_token: