Fix CodeRabbit AI suggestions: GitHub ID type, OAuth scope, error handling

kanchn-https · kanchn-https · commit 736b1937e88e · 2025-08-01T18:57:44.000+05:30
diff --git a/backend/models/User.js b/backend/models/User.js
@@ -18,12 +18,14 @@ const UserSchema = new mongoose.Schema({
     },
     // GitHub OAuth fields
     githubId: {
-      type: Number,
+      type: String,
       unique: true,
       sparse: true,
     },
     githubUsername: {
       type: String,
+      unique: true,
+      sparse: true,
     },
     avatarUrl: {
       type: String,
diff --git a/backend/routes/auth.js b/backend/routes/auth.js
@@ -43,6 +43,7 @@ router.post("/github/callback", async (req, res) => {
                 'Accept': 'application/json',
                 'Content-Type': 'application/json',
             },
+            signal: AbortSignal.timeout(10000), // 10 second timeout
             body: JSON.stringify({
                 client_id: process.env.GITHUB_CLIENT_ID,
                 client_secret: process.env.GITHUB_CLIENT_SECRET,
@@ -51,10 +52,15 @@ router.post("/github/callback", async (req, res) => {
             }),
         });
 
+        if (!tokenResponse.ok) {
+            return res.status(400).json({ message: 'Failed to authenticate with GitHub' });
+        }
+
         const tokenData = await tokenResponse.json();
 
         if (tokenData.error) {
-            return res.status(400).json({ message: 'Failed to get access token from GitHub' });
+            console.error('GitHub token error:', tokenData.error);
+            return res.status(400).json({ message: 'Failed to authenticate with GitHub' });
         }
 
         const accessToken = tokenData.access_token;
@@ -65,6 +71,7 @@ router.post("/github/callback", async (req, res) => {
                 'Authorization': `Bearer ${accessToken}`,
                 'Accept': 'application/vnd.github.v3+json',
             },
+            signal: AbortSignal.timeout(10000), // 10 second timeout
         });
 
         const userData = await userResponse.json();
@@ -79,6 +86,7 @@ router.post("/github/callback", async (req, res) => {
                 'Authorization': `Bearer ${accessToken}`,
                 'Accept': 'application/vnd.github.v3+json',
             },
+            signal: AbortSignal.timeout(10000), // 10 second timeout
         });
 
         const emailsData = await emailsResponse.json();
@@ -92,7 +100,7 @@ router.post("/github/callback", async (req, res) => {
             user = new User({
                 username: userData.login,
                 email: primaryEmail,
-                githubId: userData.id,
+                githubId: userData.id.toString(), // Convert to string
                 githubUsername: userData.login,
                 avatarUrl: userData.avatar_url,
                 // Set a random password since GitHub users don't have passwords
@@ -101,7 +109,7 @@ router.post("/github/callback", async (req, res) => {
             await user.save();
         } else {
             // Update existing user with GitHub info
-            user.githubId = userData.id;
+            user.githubId = userData.id.toString(); // Convert to string
             user.githubUsername = userData.login;
             user.avatarUrl = userData.avatar_url;
             await user.save();
diff --git a/src/pages/GitHubCallback/GitHubCallback.tsx b/src/pages/GitHubCallback/GitHubCallback.tsx
@@ -4,7 +4,7 @@ import { ThemeContext } from "../../context/ThemeContext";
 import type { ThemeContextType } from "../../context/ThemeContext";
 import { FaGithub, FaCheckCircle, FaExclamationCircle } from "react-icons/fa";
 
-const backendUrl = import.meta.env.VITE_BACKEND_URL;
+const backendUrl = import.meta.env.VITE_BACKEND_URL || 'http://localhost:5000';
 
 const GitHubCallback: React.FC = () => {
   const [status, setStatus] = useState<'loading' | 'success' | 'error'>('loading');
@@ -49,7 +49,7 @@ const GitHubCallback: React.FC = () => {
         if (response.ok) {
           setStatus('success');
           setMessage('Successfully authenticated with GitHub!');
-          setTimeout(() => navigate('/home'), 2000);
+          setTimeout(() => navigate('/'), 2000);
         } else {
           throw new Error(data.message || 'Authentication failed');
         }
diff --git a/src/pages/Login/Login.tsx b/src/pages/Login/Login.tsx
@@ -1,6 +1,6 @@
 import React, { useState, ChangeEvent, FormEvent, useContext } from "react";
 import axios from "axios";
-import { useNavigate } from "react-router-dom";
+import { useNavigate, Link } from "react-router-dom";
 import { ThemeContext } from "../../context/ThemeContext";
 import type { ThemeContextType } from "../../context/ThemeContext";
 import { FaGithub, FaEye, FaEyeSlash, FaArrowRight } from "react-icons/fa";
@@ -52,15 +52,18 @@ const Login: React.FC = () => {
     setMessage("");
     
     try {
-      // GitHub OAuth URL - you'll need to configure this with your GitHub OAuth app
-      const githubClientId = import.meta.env.VITE_GITHUB_CLIENT_ID || 'your-github-client-id';
+      const githubClientId = import.meta.env.VITE_GITHUB_CLIENT_ID;
+      
+      if (!githubClientId) {
+        throw new Error('GitHub Client ID not configured');
+      }
+      
       const redirectUri = `${window.location.origin}/auth/github/callback`;
-      const githubAuthUrl = `https://github.com/login/oauth/authorize?client_id=${githubClientId}&redirect_uri=${encodeURIComponent(redirectUri)}&scope=user:email,repo`;
+      const githubAuthUrl = `https://github.com/login/oauth/authorize?client_id=${githubClientId}&redirect_uri=${encodeURIComponent(redirectUri)}&scope=user:email`;
       
       window.location.href = githubAuthUrl;
     } catch (error: any) {
-      setMessage("GitHub authentication failed. Please try again.");
-    } finally {
+      setMessage(error.message || "GitHub authentication failed. Please try again.");
       setIsGitHubLoading(false);
     }
   };
@@ -212,12 +215,12 @@ const Login: React.FC = () => {
           <div className="text-center mt-8 pb-8">
             <p className={`${mode === "dark" ? "text-slate-500" : "text-gray-600"} text-sm`}>
               Don't have an account?{" "}
-              <a 
-                href="/signup" 
+              <Link 
+                to="/signup" 
                 className="text-purple-400 hover:text-purple-300 transition-colors duration-300 font-medium hover:underline"
               >
                 Sign up here
-              </a>
+              </Link>
             </p>
           </div>
         </div>
