Skip to content

Bug: Fix: Resolve client-side process crash and implement Magic Link OTP validation#117

Closed
JMR825 wants to merge 3 commits into
rushikesh-bobade:mainfrom
JMR825:Bug/Magic-Link-Validation
Closed

Bug: Fix: Resolve client-side process crash and implement Magic Link OTP validation#117
JMR825 wants to merge 3 commits into
rushikesh-bobade:mainfrom
JMR825:Bug/Magic-Link-Validation

Conversation

@JMR825

@JMR825 JMR825 commented Jul 5, 2026

Copy link
Copy Markdown

Description

This PR fully wires up the placeholder Magic Link UI option on the login page. It introduces strict client-side verification constraints, resolves environment-agnostic compilation crashes, and integrates the native Supabase OTP passwordless authentication flow.

Key Changes

  • Supabase OTP Integration: Replaced the visual placeholder with an active supabase.auth.signInWithOtp dispatch utilizing a safe global client generator.
  • Client-Side Validation Constraints: Added a strict regex pattern requirement. The form now gracefully flags invalid syntax (Please enter a valid email address.) or empty payloads (Please enter your email.) without refreshing the page.
  • Cross-Bundler Environment Resiliency: Fixed a critical process is not defined runtime reference error caused by server-side Node variables crashing the client-side browser space. Added safe try/catch fallback blocks that gracefully support both Webpack/Next.js (process.env) and Vite (import.meta.env) building architectures.
  • Graceful Error Handling: Implemented custom validation banners below the form fields to catch missing credentials cleanly rather than failing silently.

Related Issues

Closes #105
image

Thank You.

@vercel

vercel Bot commented Jul 5, 2026

Copy link
Copy Markdown

@JMR825 is attempting to deploy a commit to the participationcorner2025-8967's projects Team on Vercel.

A member of the Team first needs to authorize it.

@github-actions github-actions Bot added the ECSoC26 Required label for ECSOC Sentinel scoring label Jul 5, 2026
@github-actions

github-actions Bot commented Jul 5, 2026

Copy link
Copy Markdown

📝 Summary

The provided pull request diff introduces several changes to the codebase, including updates to the .gitignore file, modifications to the MagicLinkOption component, and the addition of a new route for serving static probe endpoints. The changes aim to improve the functionality and user experience of the magic link feature.

📂 Files Changed

  • .gitignore: updated to include the src/ directory
  • app/blocks/login-page/magic-link-option.tsx: modified to include email validation, error handling, and a loading state
  • app/routes.ts: updated to include a new route for serving static probe endpoints
  • app/routes/well-known.tsx: new file added to handle the static probe endpoint

🎭 Code Poem

Code changes abound, with updates so fine,
Magic link feature now works in its prime.
Email validation and error handling too,
Improving user experience, that's what we do.

🚨 Bugs & Architectural Violations * The `MagicLinkOption` component uses `import.meta.env` which may not be compatible with all environments. It's recommended to use a more robust method for accessing environment variables. * The `getSupabaseClient` function returns `null` if the Supabase URL or anon key is missing. It would be better to throw an error in this case to ensure the issue is properly handled. * The `WellKnownRoute` component uses a `useEffect` hook with an empty dependency array, but the effect function is a no-op. This can be removed to simplify the code. * The `MagicLinkOption` component uses inline styles for the error message. It's recommended to use a CSS module or a separate CSS file to keep the styles organized and maintainable. * The `MagicLinkOption` component does not include any accessibility attributes (e.g. `aria-hidden`, `role`) on its elements. It's essential to add these attributes to ensure the component is accessible to all users.
💡 Suggestions & Best Practices * Consider using a more robust method for accessing environment variables, such as a dedicated library or a build-time configuration. * Add accessibility attributes to the `MagicLinkOption` component to ensure it's accessible to all users. * Use a CSS module or a separate CSS file to keep the styles organized and maintainable. * Remove the `useEffect` hook from the `WellKnownRoute` component as it's not necessary. * Consider adding a loading indicator or a progress bar to the `MagicLinkOption` component to improve the user experience. * Use a more secure method for handling errors, such as logging the error and displaying a user-friendly error message.

@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown

📝 Summary

The provided pull request diff introduces several changes to the codebase, including updates to the .gitignore file, modifications to the MagicLinkOption component, and the addition of a new route for serving static probe endpoints. The changes aim to enhance the functionality of the magic link feature and improve the overall performance of the application.

📂 Files Changed

  • .gitignore: Updated to include the src/ directory.
  • app/blocks/login-page/magic-link-option.tsx: Modified to include email validation, error handling, and a new handleSendLink function.
  • app/routes.ts: Updated to include a new route for serving static probe endpoints.
  • app/routes/well-known.tsx: New file added to handle requests to the .well-known endpoint.

🎭 Code Poem

Code changes abound, with updates so fine,
Magic link feature now works in its prime.
New routes are added, with care and with might,
Improving performance, day and night.

🚨 Bugs & Architectural Violations * The `getSupabaseClient` function uses `import.meta.env` which may not be supported in all environments. Consider using a more robust method for accessing environment variables. * The `MagicLinkOption` component uses inline styles for the error message, which may not be in line with the project's CSS architecture. Consider using a CSS module or a separate CSS file for styling. * The `WellKnownRoute` component uses a `useEffect` hook with an empty dependency array, which may cause the effect to run only once. Consider adding dependencies or using a different hook if necessary. * The project uses `@supabase/ssr` which may not be compatible with the project's architecture. Consider using a different library or approach for Supabase integration. * The `MagicLinkOption` component does not have any accessibility attributes (e.g. `aria-hidden`, `role`) which may affect the component's accessibility. Consider adding these attributes to improve accessibility.
💡 Suggestions & Best Practices * Consider using a more robust method for accessing environment variables, such as using a library like `dotenv` or `env-var`. * Use CSS modules or separate CSS files for styling instead of inline styles. * Add accessibility attributes (e.g. `aria-hidden`, `role`) to the `MagicLinkOption` component to improve accessibility. * Consider using a different library or approach for Supabase integration that is more compatible with the project's architecture. * Use a linter or code formatter to enforce coding standards and best practices throughout the codebase. * Consider adding more tests to ensure the functionality of the `MagicLinkOption` component and the new route.

@rushikesh-bobade

Copy link
Copy Markdown
Owner

Hi @JMR825,

Thank you for your interest in contributing to FlipTrack and for taking on this issue!

I've carefully reviewed this PR, and unfortunately, it introduces several critical architectural violations and syntax errors that will completely break the application's build process. Before we can merge this, you will need to completely overhaul this branch to align with our project's standards.

Please address the following critical blockers:

1. Fatal Syntax Error in routes.ts
You accidentally closed the RouteConfig array twice. You added ] satisfies RouteConfig; on line 154, but left the /:username route dangling outside the array, followed by another ] satisfies RouteConfig; at the bottom. This is invalid JavaScript syntax and immediately crashes the entire Remix router.

2. Rogue Next.js / Webpack Code in a Remix App
In magic-link-option.tsx, you manually wrote a massive getSupabaseClient function with try/catch blocks looking for process.env.NEXT_PUBLIC_SUPABASE_URL.

  • FlipTrack is a Remix/Vite application, not Next.js.
  • You should never define raw Supabase client initializers directly inside a UI component.
  • Solution: We already have a dedicated Supabase client utility setup in the app/utils/ folder. Please import and use the existing client utility rather than writing your own Webpack polyfill.

3. Irrelevant .well-known Probe Endpoint
You added a well-known.tsx route returning a React component (<div>OK</div>) to serve a .json Chrome DevTools probe. Not only is this entirely unrelated to the "Magic Link" issue, but returning a React component for a .json endpoint violates HTTP standards. Please remove well-known.tsx and its route entry completely.

4. src/ in .gitignore
FlipTrack uses an app/ directory architecture, not src/. Please revert the change to .gitignore.

I highly recommend running npm run build locally before pushing to catch these fatal syntax errors. Please push a new commit addressing all of the above, and I will be happy to review it again!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

ECSoC26 Required label for ECSOC Sentinel scoring

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[BUG] bug: Authentication issues (Sign-up broken, empty Magic Link validation, and non-functional Demo credentials)

2 participants