♻️ Small auth improvements#290
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
🚧 Files skipped from review as they are similar to previous changes (2)
WalkthroughAuth discovery loading is shared across OAuth operations, with fallback loading and error handling. Auth context refreshes are deduplicated through an in-flight promise, successful refreshes trigger rescheduling, and provider values are memoized. ChangesOAuth authentication flow
Estimated code review effort: 4 (Complex) | ~45 minutes Possibly related PRs
Suggested labels: Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 inconclusive)
✅ Passed checks (4 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@ecoscan_app/context/AuthContext.tsx`:
- Around line 128-150: Update refreshInternal in AuthContext to track the active
refresh operation with a ref holding the in-flight promise. Return that promise
when a refresh is already running, assign the promise when starting
refreshOAuth, and clear the ref in finally so concurrent callers await
completion instead of resolving immediately with stale tokens.
- Around line 138-139: Automatic token refresh stops after the first cycle
because updating tokenExpiresAtRef does not retrigger the scheduling effect. In
AuthContext’s successful refresh flow around refreshOAuth and the effect near
the authentication timeout logic, explicitly schedule the next refresh after
saveTokens completes, or make token expiry state reactive so the effect reruns;
ensure each successful refresh reliably establishes the following refresh timer.
In `@ecoscan_app/hooks/useOAuthFlow.ts`:
- Around line 80-83: Update the useCallback refresh function to throw an error
when discovery resolution fails instead of returning undefined. Ensure the
failure occurs after discovery || loadDiscovery() yields no discovery document,
allowing AuthContext.refreshInternal’s existing error path to clear expired
credentials.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 9c5fcf67-1496-4d03-a6ae-677124a10705
📒 Files selected for processing (2)
ecoscan_app/context/AuthContext.tsxecoscan_app/hooks/useOAuthFlow.ts
d5ba803 to
348c31b
Compare
ed7a093 to
0efe8fd
Compare
This pull request refactors authentication logic to improve reliability and maintainability, especially around OAuth discovery and token management. The main changes include centralizing the discovery document loading logic, enhancing error handling, and optimizing React context value updates.
Authentication and OAuth Flow Improvements:
loadDiscoveryfunction, ensuring consistent and reliable fetching and error handling across all authentication actions. This also adds user-facing alerts when the discovery service is unavailable.login,refresh,logout,getValidAccessToken) to use the newloadDiscoverylogic, reducing code duplication and preventing failures when the discovery document is missing. [1] [2] [3] [4] [5] [6] [7]React Context and State Management:
useMemohook, ensuring that consumers only re-render when relevant values actually change. [1] [2]refreshTimeoutRefto support both browser and Node.js environments.useMemoto imports. [1] [2]These changes make the authentication flow more robust, easier to maintain, and less error-prone, especially in scenarios where the OAuth discovery document may not be immediately available.