UKHSA-Internal · dw-ukhsa · Jun 17, 2026 · Jun 18, 2026 · Jun 18, 2026 · Jun 18, 2026
@@ -241,7 +241,7 @@ jobs:
       - name: Start dev server
         id: start-dev-server
         run: |
-          node .next/standalone/server.js &
+          node .next/standalone/server.js > next-server.log 2>&1 &
           echo "devServerPID=$!" >> "$GITHUB_OUTPUT"
         env:
           PORT: 3000
@@ -264,6 +264,13 @@ jobs:
           baseURL: http://localhost:3000
           AUTH_ENABLED: true
 
+      # ── Dev server log dump ───────────────────────────────────────────────────
+      - name: Dump next server logs
+        if: always()
+        run: |
+          echo "==== next-server.log ===="
+          cat next-server.log || true
+
       # ── Artifacts ─────────────────────────────────────────────────────────────
       - name: Upload Playwright report
         uses: actions/upload-artifact@v4

diff --git a/e2e/fixtures/auth/auth-setup.fixture.ts b/e2e/fixtures/auth/auth-setup.fixture.ts
@@ -34,13 +34,19 @@ export const AuthSetupFixtures = base.extend<AuthSetupFixtures>({
   },
 
   setupAuth: [
-    async ({ page, authEnabled, startLoggedOut }, use) => {
+    async ({ page, authEnabled, startLoggedOut }, use, testInfo) => {
+      const logPrefix = `[auth setup] ${testInfo.titlePath.join(' > ')}`
+
+      console.log(`${logPrefix}: start`, { authEnabled, startLoggedOut });
+
       if (!authEnabled || startLoggedOut) {
+        console.log(`${logPrefix}: clearing cookies and skipping setup`);
         await page.context().clearCookies()
         return await use()
       }
 
       await page.route('**/api/auth/session', async (route) => {
+        console.log(`${logPrefix}: intercepted /api/auth/session`);
         await route.fulfill({
           status: 200,
           contentType: 'application/json',
@@ -49,6 +55,7 @@ export const AuthSetupFixtures = base.extend<AuthSetupFixtures>({
       })
 
       await page.route('**/oauth2/token', async (route) => {
+        console.log(`${logPrefix}: intercepted /oauth2/token`);
         await route.fulfill({
           status: 200,
           contentType: 'application/json',
@@ -73,9 +80,29 @@ export const AuthSetupFixtures = base.extend<AuthSetupFixtures>({
         },
       ])
 
-      await page.goto('/start')
+      console.log(`${logPrefix}: cookies injected`);
+
+      const startedAt = Date.now();
+      console.log(`${logPrefix}: goto /start begin`);
+
+      const response = await page.goto('/start')
+
+      console.log(`${logPrefix}: goto /start complete`, {
+        elapsedTime: Date.now() - startedAt,
+        status: response?.status(),
+        url: page.url()
+      });
+
+      const networkStartedAt = Date.now();
+      console.log(`${logPrefix}: networkidle begin`);
+
       await page.waitForLoadState('networkidle')
 
+      console.log(`${logPrefix}: networkidle complete`, {
+        elapsedTime: Date.now() - networkStartedAt,
+        url: page.url()
+      });
+
       await use()
     },
     { auto: true },

diff --git a/src/app/components/cms/pages/Start.tsx b/src/app/components/cms/pages/Start.tsx
@@ -17,7 +17,9 @@ import { auth } from '@/auth'
  * The non-public dashboard signup page
  */
 export default async function StartPage({ searchParams: { logout } }: PageComponentBaseProps<{ logout?: 'success' }>) {
+  console.log('[debug-log] StartPage: before auth');
   const session = await auth()
+  console.log('[debug-log] StartPage: after auth', session);
 
   if (session) redirect('/acknowledgement')
 

@@ -6,7 +6,7 @@ import { ConsentScript } from './ConsentScript'
 const GTM_ID = process.env.GOOGLE_TAG_MANAGER_ID
 
 export const GoogleTagManager = () => {
-  if (!GTM_ID.length) return null
+  if (!GTM_ID?.length) return null
 
   return (
     <>

diff --git a/src/app/layout.tsx b/src/app/layout.tsx
@@ -26,7 +26,9 @@ export const dynamic = 'auto'
 
 export default async function RootLayout({ children }: { children: React.ReactNode }) {
   const { t } = await getServerTranslation('common')
+  console.log('[debug-log] RootLayout: before getAuthToken');
   const accessToken = await getAuthToken()
+  console.log('[debug-log] RootLayout: after getAuthToken');
 
   const cookieStore = await cookies()
   return (

diff --git a/src/proxy.ts b/src/proxy.ts
@@ -30,6 +30,8 @@ export const proxy: NextProxy = async (request: NextRequest) => {
   if (process.env.AUTH_ENABLED === 'true') {
     const unauthenticatedPaths = ['/api/health', '/robots.txt']
 
+    console.log('[debug-log] proxy: auth enabled block');
+
     if (unauthenticatedPaths.some((path) => request.nextUrl.pathname.startsWith(path))) {
       return response
     }
@@ -44,7 +46,9 @@ export const proxy: NextProxy = async (request: NextRequest) => {
       //   return NextResponse.redirect(new URL('/start', request.url))
       // }
       response = await validateAndRenewSession(request, response)
+      console.log('[debug-log] proxy: after validateAndRenewSession', response.status);
     } catch (error) {
+      console.log('[debug-log] proxy: error', error);
       logger.error('Auth middleware error:', error)
       return NextResponse.redirect(new URL('/start', request.url))
     }