Fix public auth portal redirects for sign-in/up#36
Open
Huynhthuongg wants to merge 6 commits into
Open
Conversation
…mux lab and tools pages
… App.tsx conflicts
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
📝 WalkthroughWalkthroughPR thiết lập hệ thống chế độ xác thực có cấu hình linh hoạt (clerk hoặc public), mở rộng định tuyến ứng dụng để hỗ trợ cả hai chế độ, bổ sung sáu trang UI mới và cập nhật type annotation cũng như tài liệu cấu hình. ChangesAuth Mode Framework và Routing
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
✨ Simplify code
Warning Review ran into problems🔥 ProblemsLinked repositories: Your configuration references 1 linked repositories, but your current plan allows 0. Analyzed ``, skipped Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
Kilo Code Review could not run — your account is out of credits. Add credits or switch to a free model to enable reviews on this change. |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 7
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
artifacts/sandbox-ai/src/components/chat-area.tsx (1)
285-289:⚠️ Potential issue | 🟡 Minor | ⚡ Quick winBỏ
anykhỏi callbackonSuccessđể giữ an toàn kiểu choconv.id(chat-area.tsx:285-289)Ép
conv: anylàm mất kiểu trả về của mutation; khi dùngconv.idthì lỗi shape chỉ lộ ở runtime. Thay bằng kiểu suy luận/kiểu trả về tương ứng từuseCreateOpenaiConversation.Đề xuất sửa nhanh
- onSuccess: (conv: any) => { + onSuccess: (conv) => { queryClient.invalidateQueries({ queryKey: getListOpenaiConversationsQueryKey() }); pendingRef.current = { message: content, forConvId: conv.id }; navigate(`/chat/${conv.id}`); },Ngoài ra,
onSuccess: (conv: any)cũng xuất hiện ởartifacts/sandbox-ai/src/components/chat-sidebar.tsx(và cófilter((c: any) => ...)).🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@artifacts/sandbox-ai/src/components/chat-area.tsx` around lines 285 - 289, The onSuccess callback currently types its parameter as conv: any which loses compile-time guarantees for conv.id; update the handler to use the actual mutation return type from useCreateOpenaiConversation (or infer it via ReturnType/typeof from that hook) instead of any, e.g. change onSuccess: (conv: any) => ... to onSuccess: (conv: CreateOpenaiConversationResult) => ... (or the inferred type) so conv.id is statically typed, and apply the same replacement for other occurrences (e.g., the onSuccess in chat-sidebar.tsx and any filter((c: any) => ...) there) to remove all uses of any and preserve type safety for IDs and shapes referenced inside the callbacks.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@artifacts/sandbox-ai/src/components/chat-sidebar.tsx`:
- Around line 106-109: Remove the use of `any` in the `onSuccess` callback and
the `.filter((c: any) => ...)` predicate so TypeScript can infer the real
conversation type: update `onSuccess: (conv: any)` to `onSuccess: (conv)` (or to
the explicit Conversation type if available) and change `.filter((c: any) =>
...)` to `.filter((c) => ...)` (or `.filter((c: Conversation) => ...)`),
ensuring usages like `conv.id`, `c.title`, and `c.mode` are type-checked; keep
existing logic that calls
`queryClient.invalidateQueries(getListOpenaiConversationsQueryKey())`,
`setLocation(`/chat/${conv.id}`)`, and `onClose?.()`.
In `@artifacts/sandbox-ai/src/config/auth-mode.ts`:
- Around line 25-29: Status của mục VITE_CLERK_PUBLISHABLE_KEY hiện sử dụng
isClerkConfigured trực tiếp nên khi authMode === "public" vẫn có thể hiển thị
"missing"; update logic của trường status (tham chiếu
VITE_CLERK_PUBLISHABLE_KEY, required, status, isClerkConfigured, authMode) để
khi required === true thì trả về isClerkConfigured ? "ok" : "missing", còn khi
required === false thì trả về "ok" (hoặc một trạng thái không áp dụng) để tránh
báo đỏ sai ngữ cảnh.
In `@artifacts/sandbox-ai/src/pages/auth-portal.tsx`:
- Around line 12-13: The two CTA Link components that currently point to
"/sign-in" and "/sign-up" should respect the authentication feature flag: check
the isAuthEnabled boolean in the auth-portal component and, if false, either (A)
change the href targets to a safe page (e.g., "/auth" or "#") and add a disabled
style/aria-disabled attribute, or (B) keep the links but prevent navigation and
show a toast/modal informing the user that auth is disabled; update the Link
elements that render the "Tiếp tục với Google / GitHub" and "Tạo tài khoản mới"
buttons to branch on isAuthEnabled and implement the chosen behavior (disable +
message or conditional href) so clicks no longer loop back to /auth when auth is
off.
In `@artifacts/sandbox-ai/src/pages/mobile-dashboard.tsx`:
- Line 18: Thẻ <nav> (the element with className "p-4 space-y-2 border-b
border-white/10") cần có thuộc tính id tương ứng với giá trị của aria-controls
để liên kết truy cập; xác định giá trị aria-controls đang dùng (ví dụ
"mobile-nav" hoặc giá trị trong component điều khiển) và thêm id="that-value"
vào thẻ nav trong component mobile-dashboard.tsx (tìm phần render chứa <nav
className="p-4 space-y-2 border-b border-white/10"> và thêm id trùng khớp).
- Line 10: The icon-only toggle button lacks an accessible name; update the
button (the element with onClick={() => setOpen((v) => !v)} and className="p-2
rounded-lg border border-white/20") to include an explicit accessible name by
adding an aria-label (e.g., "Open menu" / "Close menu") and connect its expanded
state by adding aria-expanded={open} (or equivalent state variable) so screen
readers know the control purpose and current state.
In `@artifacts/sandbox-ai/src/pages/termux-lab.tsx`:
- Line 13: The input for command editing (value bound to cmd and onChange
calling setCmd) lacks an accessible label; add either a visible <label> tied via
id/htmlFor to this input or an aria-label (for example "Command input" or
similar), ensuring the input element gets an id and the label or aria-label is
present so screen readers and assistive tech can identify the field.
In `@docs_self_healing_process.md`:
- Around line 3-27: Several headings in the document ("Goal", "1) Detect", "2)
Classify", "3) Notify owner", "4) Auto-remediation checklist", "5) Prevent
regressions") are missing a blank line after the heading which triggers
markdownlint MD022; fix by inserting a single empty line immediately after each
of those heading lines so each heading is followed by a blank line before the
next content line or list, ensuring the headings comply with MD022.
---
Outside diff comments:
In `@artifacts/sandbox-ai/src/components/chat-area.tsx`:
- Around line 285-289: The onSuccess callback currently types its parameter as
conv: any which loses compile-time guarantees for conv.id; update the handler to
use the actual mutation return type from useCreateOpenaiConversation (or infer
it via ReturnType/typeof from that hook) instead of any, e.g. change onSuccess:
(conv: any) => ... to onSuccess: (conv: CreateOpenaiConversationResult) => ...
(or the inferred type) so conv.id is statically typed, and apply the same
replacement for other occurrences (e.g., the onSuccess in chat-sidebar.tsx and
any filter((c: any) => ...) there) to remove all uses of any and preserve type
safety for IDs and shapes referenced inside the callbacks.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: 2319ca05-ff1c-47d3-aaca-01d682545978
📒 Files selected for processing (12)
artifacts/sandbox-ai/src/App.tsxartifacts/sandbox-ai/src/components/chat-area.tsxartifacts/sandbox-ai/src/components/chat-sidebar.tsxartifacts/sandbox-ai/src/config/auth-mode.tsartifacts/sandbox-ai/src/pages/auth-portal.tsxartifacts/sandbox-ai/src/pages/chat-static.tsxartifacts/sandbox-ai/src/pages/health-config.tsxartifacts/sandbox-ai/src/pages/mobile-dashboard.tsxartifacts/sandbox-ai/src/pages/termux-lab.tsxartifacts/sandbox-ai/src/pages/tools-hub.tsxartifacts/sandbox-ai/tsconfig.jsondocs_self_healing_process.md
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
12 issues found across 12 files
Confidence score: 3/5
- There is concrete user-impact risk: in
artifacts/sandbox-ai/src/pages/auth-portal.tsx, public-mode CTA links to/sign-inand/sign-upcan redirect back to/auth, creating a loop where users cannot proceed. - The highest-severity issue is accessibility in
artifacts/sandbox-ai/src/pages/termux-lab.tsx(missing accessible name on an interactive input), which can block assistive-technology users and should be fixed before relying on this UI. - Additional medium-risk regressions are present, including public-mode routing in
artifacts/sandbox-ai/src/App.tsx(/chatand/chat/:idredirecting to/and breaking CTA flow), plus broad i18n and test-coverage gaps across new UI surfaces. - Pay close attention to
artifacts/sandbox-ai/src/pages/auth-portal.tsx,artifacts/sandbox-ai/src/pages/termux-lab.tsx, andartifacts/sandbox-ai/src/App.tsx- routing behavior and accessibility have the most direct end-user impact.
Reply with feedback, questions, or to request a fix.
Re-trigger cubic
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
There was a problem hiding this comment.
5 issues found across 12 files
Confidence score: 3/5
- There is meaningful merge risk because two high-severity findings are in user-critical areas: accessibility gaps in
artifacts/sandbox-ai/src/pages/mobile-dashboard.tsxand untested core auth/navigation flows inartifacts/sandbox-ai/src/App.tsx. - The missing
aria-labelandaria-expandedon the icon-only menu toggle inartifacts/sandbox-ai/src/pages/mobile-dashboard.tsxcan directly impact screen-reader usability and WCAG compliance. artifacts/sandbox-ai/src/pages/auth-portal.tsxhas multiple hardcoded user-facing strings (heading, description, button), which raises localization/regression risk but appears less merge-blocking than the accessibility and test-coverage concerns.- Pay close attention to
artifacts/sandbox-ai/src/pages/mobile-dashboard.tsx,artifacts/sandbox-ai/src/App.tsx, andartifacts/sandbox-ai/src/pages/auth-portal.tsx- fix accessibility attributes, add auth/navigation path tests, and replace hardcoded UI text with translation calls.
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="artifacts/sandbox-ai/src/pages/mobile-dashboard.tsx">
<violation number="1" location="artifacts/sandbox-ai/src/pages/mobile-dashboard.tsx:10">
P1: Custom agent: **Enforce Accessibility Standards (WCAG...)**
Icon-only menu toggle is missing `aria-label` and `aria-expanded` attributes required for screen-reader accessibility.</violation>
</file>
<file name="artifacts/sandbox-ai/src/App.tsx">
<violation number="1" location="artifacts/sandbox-ai/src/App.tsx:275">
P1: Custom agent: **Enforce Pragmatic Test Coverage**
Core auth/navigation logic added without test coverage for main success/failure paths</violation>
</file>
<file name="artifacts/sandbox-ai/src/pages/auth-portal.tsx">
<violation number="1" location="artifacts/sandbox-ai/src/pages/auth-portal.tsx:7">
P2: Custom agent: **Enforce i18n for User-Facing Strings**
User-facing heading text is hardcoded instead of using a translation function (t(), useTranslation, etc.).</violation>
<violation number="2" location="artifacts/sandbox-ai/src/pages/auth-portal.tsx:9">
P2: Custom agent: **Enforce i18n for User-Facing Strings**
User-facing description text is hardcoded instead of using a translation function.</violation>
<violation number="3" location="artifacts/sandbox-ai/src/pages/auth-portal.tsx:13">
P2: Custom agent: **Enforce i18n for User-Facing Strings**
User-facing button label is hardcoded instead of using a translation function.</violation>
</file>
Reply with feedback, questions, or to request a fix.
Re-trigger cubic
There was a problem hiding this comment.
3 issues found across 12 files
Confidence score: 2/5
- High risk for merge right now:
artifacts/sandbox-ai/src/pages/auth-portal.tsxhas a concrete, high-confidence redirect loop in public mode where/sign-inand/sign-uproute back to/auth, blocking users from reaching auth screens. artifacts/sandbox-ai/src/pages/mobile-dashboard.tsxincludes hardcoded user-facing text instead of i18n keys, which is a user-visible quality/compliance gap and may create localization regressions.artifacts/sandbox-ai/src/App.tsxduplicates routing logic betweenPublicOnlyRouterandRouter, which is low-severity today but increases drift and regression risk as routes evolve.- Pay close attention to
artifacts/sandbox-ai/src/pages/auth-portal.tsx,artifacts/sandbox-ai/src/pages/mobile-dashboard.tsx, andartifacts/sandbox-ai/src/App.tsx- resolve the auth redirect loop first, then address localization and router drift.
Reply with feedback, questions, or to request a fix.
Re-trigger cubic
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary by cubic
Fixes broken sign-in/up in public mode by routing auth to a new public portal when Clerk is disabled or missing. Adds a health page to verify env setup and a public-only router to keep users on safe pages.
Bug Fixes
'/sign-in'and'/sign-up'to'/auth'whenVITE_AUTH_MODE=publicor Clerk key is missing.'/chat*'to'/'.src/config/auth-mode.ts(authMode,isAuthEnabled,clerkConfig) and show a public app shell instead of an error when auth is off.New Features
'/auth'portal linking to Clerk sign-in/up.'/health-config'diagnostics with an env checklist; addeddocs_self_healing_process.mdrunbook.'/mobile-dashboard','/chat-static','/termux-lab'(with command logs/suggestions),'/tools'.tsconfig.jsonand fixed minor TS issues in chat components to clear CI typecheck errors.Written for commit d88d3d7. Summary will update on new commits. Review in cubic