634 commit 1

[jeetvasoya21]

Related Issue

• Closes: 🐛 Bug Report: authError is always undefined in Tracker page #634

---

Description

This PR fixes authentication error handling on the Tracker page by properly surfacing GitHub authentication failures to users.

Changes Made

• Enhanced useGitHubAuth to expose an error state for authentication-related failures.

• Added automatic GitHub token validation with a debounce when the token changes.

• Implemented validation against GitHub's GET /user endpoint to verify token authenticity.

• Added specific handling for common authentication scenarios:

  • Invalid personal access token (401)
  • Insufficient permissions or expired token (403)
  • Bad credentials

• Updated the Tracker page to consume and display authError.

• Separated authentication errors from data-fetching errors for clearer user feedback.

User Impact

Users now receive clear and actionable authentication error messages instead of generic data-fetching errors, making it easier to identify and resolve GitHub credential issues.

---

How Has This Been Tested?

• Verified that the application compiles successfully with no syntax errors.
• Tested invalid GitHub personal access token scenarios.
• Tested authentication failure handling and error state propagation.
• Confirmed that authentication errors and data-fetching errors are displayed independently on the Tracker page.
• Verified that valid authentication flows continue to work as expected.

---

Screenshots (if applicable)

N/A

---

Type of Change

• Bug fix
• New feature
• Code style update
• Breaking change
• Documentation update

Summary by CodeRabbit

• New Features

  • GitHub tokens are now automatically validated and provide clearer, specific authentication error messages.
  • Authentication error state can be programmatically set/cleared, improving UI feedback.

• Bug Fixes

  • Authentication failures and data-loading errors are shown as separate alerts for clearer diagnosis.

[netlify]

✅ Deploy Preview for github-spy ready!

Name	Link
🔨 Latest commit	f20bb8e
🔍 Latest deploy log	https://app.netlify.com/projects/github-spy/deploys/6a1fe1be024bcd000881cbc4
😎 Deploy Preview	https://deploy-preview-685--github-spy.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 8bfd2f7f-7e59-42a8-aed2-fa6751c60e23

📥 Commits

Reviewing files that changed from the base of the PR and between 26ef137 and f20bb8e.

📒 Files selected for processing (1)

• src/hooks/useGitHubAuth.ts

🚧 Files skipped from review as they are similar to previous changes (1)

• src/hooks/useGitHubAuth.ts

---

📝 Walkthrough

Walkthrough

The PR adds token validation to the useGitHubAuth hook (debounced GitHub /user check, error state, AbortController) and updates the Tracker page to render authentication errors separately from data-fetching errors.

Changes

Auth Token Validation and Error Display

Layer / File(s)	Summary
Token validation with error state src/hooks/useGitHubAuth.ts	useGitHubAuth adds useEffect import, introduces error state, clears errors when token/username change, debounces 500ms, and calls GitHub's /user endpoint to validate the token. HTTP 401/403 or "Bad credentials" responses map to user-facing error messages. Hook return now includes error and setError.
Separate auth and data error alerts src/pages/Tracker/Tracker.tsx	Tracker now renders distinct MUI Alerts for authError (shown when present) and dataError (shown only if authError is absent), replacing the prior combined `authError

Sequence Diagram

sequenceDiagram
  participant Tracker as TrackerComponent
  participant Hook as useGitHubAuth
  participant GitHub as GitHubAPI
  Tracker->>Hook: setToken / setUsername
  Hook->>Hook: clear error, recreate Octokit
  Note over Hook: debounce 500ms
  Hook->>GitHub: GET /user (octokit.request)
  GitHub-->>Hook: 200 OK or 401/403 / error
  Hook->>Hook: map response to user-facing error or clear
  Hook-->>Tracker: expose error / setError / getOctokit

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• GitMetricsLab/github_tracker#255: Also touches useGitHubAuth and Tracker error handling; overlaps on error/setError exposure.
• GitMetricsLab/github_tracker#626: Adjusts Tracker error rendering logic around authError, directly related to this PR's UI change.
• GitMetricsLab/github_tracker#293: Modifies useGitHubAuth public API to include error state and setter, overlapping with this PR's hook changes.

Suggested labels

type:bug

Poem

🐰 I sniffed the token at the gate,
I waited half a beat—500ms late,
I asked /user to confirm the key,
If it's bad, I tell you plainly.
Tracker now shows auth truth, hooray!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The title '634 commit 1' is vague and does not describe the primary change; it references an issue number and commit ordinal rather than summarizing the actual feature or fix.	Change the title to clearly describe the main change, e.g., 'Add authentication error handling to useGitHubAuth hook' or 'Separate auth and data error alerts on Tracker page'.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description check	✅ Passed	The pull request description is comprehensive, follows the template structure with all required sections completed, and clearly explains the changes, testing, and user impact.
Linked Issues check	✅ Passed	The PR successfully addresses all objectives from issue #634: adds error state to useGitHubAuth, implements token validation via GET /user, handles specific auth errors (401/403/bad credentials), and separates auth errors from data errors in the Tracker UI.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to fixing authentication error handling as specified in issue #634; no unrelated modifications or scope creep detected.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/hooks/useGitHubAuth.ts`:
- Around line 9-16: The useMemo callback in useGitHubAuth currently calls
setError(''), which is a side effect and must be removed; update the hook by
deleting setError('') from the useMemo that creates octokit and instead clear
the error inside the existing validation useEffect (or add a new useEffect) that
watches username and token, calling setError('') only when performing
validation; keep the octokit creation logic (new Octokit({ auth: token }) vs new
Octokit()) in the useMemo that depends on [username, token] so memoization is
preserved and no state updates occur during memo computation.
- Around line 25-52: The validateAuth flow can leave prior octokit requests
completing after a new token is entered, so update the validateAuth effect to
create an AbortController each run, pass controller.signal into
octokit.request('GET /user'), and call controller.abort() in the effect cleanup
to cancel any in-flight request when the timeout/effect re-runs; inside
validateAuth detect aborts (e.g., check for DOMException/aborted error) and
avoid calling setError or setState when aborted, and still clearTimeout/clear
the controller in the existing cleanup so validateAuth and the timeout are both
cancelled correctly.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 13178db0-6f17-4776-9236-166f5ca3ba2d

📥 Commits

Reviewing files that changed from the base of the PR and between 53f820b and 26ef137.

📒 Files selected for processing (2)

• src/hooks/useGitHubAuth.ts
• src/pages/Tracker/Tracker.tsx

[jeetvasoya21]

/assign

[jeetvasoya21]

@coderabbitai review

[coderabbitai]

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.