fixing referrals #75
Open
fixing referrals #75
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![ellipsis-dev[bot]](https://avatars.githubusercontent.com/in/64358?s=60&v=4){kind=small}
There was a problem hiding this comment.
❌ Changes requested. Reviewed everything up to 66475d5 in 46 seconds
More details
- Looked at
1285lines of code in25files - Skipped
1files when reviewing. - Skipped posting
4drafted comments based on config settings.
1. backend/lib/controllers/referrals/controller.ts:7
- Draft comment:
Ensure that theuserIdfrom the request parameters is validated and authorized to prevent unauthorized access. - Reason this comment was not posted:
Decided after close inspection that this draft comment was likely wrong and/or not actionable:
The comment is speculative and suggests a potential improvement rather than pointing out a definite issue. It does not align with the rules as it asks to ensure something rather than pointing out a clear code change required. The comment is about a change made in the diff, but it is not a definite issue.
The comment could be seen as a valid security concern, which might justify its presence. However, it does not point out a specific issue with the current code but rather suggests a best practice.
While security is important, the comment does not point out a specific flaw in the current implementation. It is more of a general suggestion, which does not align with the rules for review comments.
The comment should be removed as it is speculative and does not point out a definite issue with the code change.
2. backend/lib/services/User/service.ts:18
- Draft comment:
Add validation for the input data in thecreateUserfunction to ensure data integrity. - Reason this comment was not posted:
Decided after close inspection that this draft comment was likely wrong and/or not actionable:
The comment is relevant to the changes made in the diff, as it addresses thecreateUserfunction, which was modified. Adding validation is a reasonable suggestion to ensure data integrity, which is a code quality improvement. The comment is actionable and clear, making it a useful suggestion.
The comment does not specify what kind of validation should be added, which might make it less actionable. However, the general suggestion to add validation is still a valid point for improving code quality.
While the comment could be more specific, the suggestion to add validation is a common and useful practice in software development, especially when dealing with user input.
The comment should be kept as it is relevant to the changes made in the diff and suggests a useful code quality improvement by adding validation.
3. frontend/src/components/base/Referral.tsx:29
- Draft comment:
EnsureuserIdis defined before making the API call to fetch the referral code to prevent errors. - Reason this comment was not posted:
Decided after close inspection that this draft comment was likely wrong and/or not actionable:
The code already includes a check foruserIdbefore proceeding with the API call, which addresses the concern raised by the comment. Therefore, the comment is not necessary as the issue is already resolved in the code.
I might be overlooking a scenario whereuserIdcould still be undefined despite the check, but the current logic seems to handle it adequately.
The logic in the code ensures thatuserIdis only set if it is defined, which should prevent the API call from being made with an undefineduserId.
The comment should be removed as the code already handles the concern raised by the comment, making it redundant.
4. frontend/src/components/compound/SignInbutton.tsx:49
- Draft comment:
Consider navigating the user to a different page after a successful sign-in to improve user experience. - Reason this comment was not posted:
Confidence changes required:50%
Infrontend/src/components/compound/SignInbutton.tsx, thehandleSignInfunction does not navigate the user after a successful sign-in. This could lead to a confusing user experience.
Workflow ID: wflow_VbE0EgD5kYQCV8j8
Want Ellipsis to fix these issues? Tag @ellipsis-dev in a comment. You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.
| @@ -52,48 +57,69 @@ router.get('/code/:userId', async (req, res) => { | |||
|
|
|||
| // Apply a referral code when a new user signs up | |||
| router.post('/apply', async (req, res) => { | |||
| const { newUserId, referralCode } = req.body; | |||
| const { userId, referralCode, referrerId } = req.body; | |||
There was a problem hiding this comment.
Validate that the userId in the request body is authorized to apply the referral to prevent unauthorized applications.
| @@ -14,15 +23,15 @@ const app = admin.initializeApp({ | |||
| credential: admin.credential.cert(serviceAccountKey as admin.ServiceAccount), | |||
| }); | |||
|
|
|||
| export const requireAuth = async (req: Request, res: Response, next: NextFunction) => { | |||
| export const requireAuth = async (req: AuthenticatedRequest, res: Response, next: NextFunction) => { | |||
| const token = req.headers.authorization?.split(" ")[1]; | |||
| if (!token) { | |||
| return res.status(401).json({ message: "Token not found" }); | |||
| } | |||
| const details = await auth.verifyIdToken(token); | |||
There was a problem hiding this comment.
Add error handling for auth.verifyIdToken and auth.getUser to prevent unhandled promise rejections.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary:
This pull request enhances the referral system by adding backend endpoints for referral management, updating the database schema, and modifying the frontend to handle referral links and user authentication.
Key points:
/referral/code/:userIdand/referral/applyendpoints inbackend/lib/controllers/referrals/controller.tsfor referral code generation and application.backend/prisma/schema.prismato includecountandusageLimitfields inReferralmodel.backend/middleware/auth.tsto include referral logic in user authentication.frontend/src/components/base/Referral.tsxto fetch and display referral codes.frontend/src/components/pages/UnprotectedHomepage.tsxto handle referral links from URL.frontend/src/components/layouts/UnprotectedLayout.tsxto apply referral codes on user login.frontend/network/api.tsto include referral-related API functions.Generated with ❤️ by ellipsis.dev