OAuth support #141
OAuth support #141
Conversation
|
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
Codex Review: Here are some suggestions.
Reply with @codex fix comments to fix any unresolved comments.
About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you open a pull request for review, mark a draft as ready, or comment "@codex review". If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex fix this CI failure" or "@codex address that feedback".
| let password = $state(''); | ||
| let canSubmit = $derived( | ||
| usernameValid && emailValid | ||
| ); | ||
| async function handleSubmission(e: SubmitEvent) { | ||
| e.preventDefault(); | ||
| if (!username || !email) { | ||
| return; | ||
| } | ||
| try { | ||
| const account = await oauthApi.oAuthOAuthSignupFinalize(page.params.provider!, { | ||
| username, | ||
| email, | ||
| password, |
There was a problem hiding this comment.
[P1] Avoid submitting empty passwords during OAuth sign up
The signup form does not expose any password input, yet handleSubmission unconditionally forwards password (initialized to '') to oauthApi.oAuthOAuthSignupFinalize. The API model describes password as optional and server-side validation is likely to reject an empty string as failing minimum length requirements. Because the user never has a chance to set password, every submission will carry an invalid value and the OAuth create flow cannot succeed. Send null when the field is intentionally omitted or add a password field so the request can satisfy backend validation.
Useful? React with 👍 / 👎.
No description provided.