GitHub user dosubot[bot] added a comment to the discussion: Superset login form performing a postForm, which submits a hidden form, causing the login button not getting disabled properly
<!-- Answer --> You've correctly identified the issue. The [`SupersetClient.postForm`](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset-frontend/packages/superset-ui-core/src/connection/SupersetClientClass.ts#L118-L146) method creates a hidden HTML form, submits it via traditional browser form POST, and then removes it—this causes a full page navigation rather than an AJAX/fetch request. In the [login component](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset-frontend/src/pages/Login/index.tsx), the `onFinish` handler sets `loading` to `true` before calling `postForm()` and expects `.finally()` to reset it. However, since successful login navigates away from the page, the component unmounts before `setLoading(false)` can have any meaningful effect. The loading state only provides brief feedback before navigation occurs and helps prevent double-clicks, but it doesn't function as a proper SPA loading indicator. This is a known architectural limitation of using `postForm` for authentication. A proper fix would involve migrating to a fetch-based login API that returns a response without full page navigation, allowing React to properly manage the loading state throughout the authentication flow. <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/2fbebd49-c407-45bf-8af4-55bce4d2aa68?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/2fbebd49-c407-45bf-8af4-55bce4d2aa68?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/2fbebd49-c407-45bf-8af4-55bce4d2aa68?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/2fbebd49-c407-45bf-8af4-55bce4d2aa68?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/2fbebd49-c407-45bf-8af4-55bce4d2aa68?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/2fbebd49-c407-45bf-8af4-55bce4d2aa68?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/2fbebd49-c407-45bf-8af4-55bce4d2aa68?feedback_type=other)</sup> [](https://app.dosu.dev/a28d3c7e-a9d3-459e-9fb6-3a6f9ff4f357/ask?utm_source=github) [](https://cursor.com/link/prompt?text=You%27ve%20correctly%20identified%20the%20issue.%20The%20%5B%60SupersetClient.postForm%60%5D%28https%3A//github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset-frontend/packages/superset-ui-core/src/connection/SupersetClientClass.ts%23L118-L146%29%20method%20creates%20a%20hidden%20HTML%20form%2C%20submits%20it%20via%20traditional%20browser%20form%20POST%2C%20and%20then%20removes%20it%E2%80%94this%20causes%20a%20full%20page%20navigation%20rather%20than%20an%20AJAX/fetch%20request.%0A%0AIn%20the%20%5Blogin%20component%5D%28https%3A//github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/superset-frontend/src/pages/Login/index.tsx%29%2C%20the%20%60onFinish%60%20handler%20sets%20%60loading%60%20to%20%60true%60% 20before%20calling%20%60postForm%28%29%60%20and%20expects%20%60.finally%28%29%60%20to%20reset%20it.%20However%2C%20since%20successful%20login%20navigates%20away%20from%20the%20page%2C%20the%20component%20unmounts%20before%20%60setLoading%28false%29%60%20can%20have%20any%20meaningful%20effect.%20The%20loading%20state%20only%20provides%20brief%20feedback%20before%20navigation%20occurs%20and%20helps%20prevent%20double-clicks%2C%20but%20it%20doesn%27t%20function%20as%20a%20proper%20SPA%20loading%20indicator.%0A%0AThis%20is%20a%20known%20architectural%20limitation%20of%20using%20%60postForm%60%20for%20authentication.%20A%20proper%20fix%20would%20involve%20migrating%20to%20a%20fetch-based%20login%20API%20that%20returns%20a%20response%20without%20full%20page%20navigation%2C%20allowing%20React%20to%20properly%20manage%20the%20loading%20state%20throughout%20the%20authentication%20flow.) [](https ://go.dosu.dev/discord-bot) [](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/discussions/38007) GitHub link: https://github.com/apache/superset/discussions/38007#discussioncomment-15820307 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
