fix(login): fix captcha headers for manual login #4025
fix(login): fix captcha headers for manual login #4025TheodoreSpeaks merged 3 commits intostagingfrom
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
|
@BugBot review |
PR SummaryMedium Risk Overview Also changes Turnstile site key initialization from Reviewed by Cursor Bugbot for commit 99bfc99. Bugbot is set up for automated code reviews on this repo. Configure here. |
|
@BugBot review |
Greptile SummaryThis PR fixes two bugs in the manual signup flow: (1) the Cloudflare Turnstile captcha token is now correctly passed via the
Confidence Score: 4/5Safe to merge after fixing the remaining BAD_REQUEST/INVALID_EMAIL error message bug The primary captcha fix is correct and the USER_ALREADY_EXISTS error message improvement is good. However, the BAD_REQUEST and INVALID_EMAIL branches still display 'Failed to create account' instead of their specific error messages — a P1 issue for user-facing error feedback that was left unfixed while a parallel pattern was corrected in this same PR. apps/sim/app/(auth)/signup/signup-form.tsx — specifically the BAD_REQUEST and INVALID_EMAIL error handling branches in the onError callback (lines 285–294)
|
| Filename | Overview |
|---|---|
| apps/sim/app/(auth)/signup/signup-form.tsx | Correctly fixes captcha header passing and USER_ALREADY_EXISTS error message; BAD_REQUEST and INVALID_EMAIL branches still show wrong error via errorMessage[0] bug |
Sequence Diagram
sequenceDiagram
participant User
participant SignupForm
participant Turnstile
participant BetterAuth
User->>SignupForm: Submit signup form
SignupForm->>Turnstile: widget.reset() + execute()
Turnstile-->>SignupForm: captcha token
SignupForm->>BetterAuth: client.signUp.email(credentials, { headers: { 'x-captcha-response': token } })
alt Success
BetterAuth-->>SignupForm: response (no error)
SignupForm->>User: redirect to /verify
else USER_ALREADY_EXISTS
BetterAuth-->>SignupForm: error
SignupForm->>User: setEmailError('An account with this email already exists...') ✅
else BAD_REQUEST / INVALID_EMAIL
BetterAuth-->>SignupForm: error
SignupForm->>User: setEmailError(errorMessage[0]) → 'Failed to create account' ⚠️
end
Comments Outside Diff (1)
-
apps/sim/app/(auth)/signup/signup-form.tsx, line 285-294 (link)Wrong error message shown for
BAD_REQUESTandINVALID_EMAILBoth branches push a specific error message to
errorMessagebut then callsetEmailError(errorMessage[0]), which always resolves to the initial value'Failed to create account'— not the pushed message (which lands at index1). Users will see the generic fallback rather than the specific error.This PR already fixed the
USER_ALREADY_EXISTScase by callingsetEmailError(...)directly. The same direct-string pattern should be applied here:
Reviews (1): Last reviewed commit: "Catch user already exists, remove login ..." | Re-trigger Greptile
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 99bfc99. Configure here.
* feat(posthog): Add tracking on mothership abort (#4023) Co-authored-by: Theodore Li <[email protected]> * fix(login): fix captcha headers for manual login (#4025) * fix(signup): fix turnstile key loading * fix(login): fix captcha header passing * Catch user already exists, remove login form captcha
Summary
Manual sign in failed due to the captcha header not being passed. We incorrectly passed the header to better-auth, fixed this to use the
headerskey instead.Also we weren't updating the error message properly on user email already exists. Use direct set message to set the error.
Type of Change
Testing
Checklist
Screenshots/Videos