Fix stale auth handling in login and status#191
Conversation
|
Warning Rate limit exceeded
You’ve run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (3)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Relayfile Eval ReviewRun: Passed: 4 | Needs human: 0 | Reviewable: 0 | Missing output: 0 | Failed: 0 | Skipped: 0 Human Review CasesNo reviewable human-review cases captured Relayfile output. |
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
| if err := removeCredentialFile(credentialsPath()); err != nil { | ||
| fmt.Fprintf(stdout, "warning: could not clear stale server credentials: %v\n", err) | ||
| } |
There was a problem hiding this comment.
🔴 --skip-workspace-refresh deletes existing server credentials despite user opting out of workspace changes
The new removeCredentialFile(credentialsPath()) call at cmd/relayfile-cli/main.go:1866 runs unconditionally after the if !*skipWorkspace { ... } block (lines 1843–1864). When --skip-workspace-refresh is true, the entire workspace-refresh block is skipped, so execution falls straight through to line 1866 which deletes the server credentials file.
This breaks the following workflow:
- User runs
relayfile setup→ workspace created, server credentials saved - User runs
relayfile login --skip-workspace-refresh→ intends to only refresh cloud auth - Server credentials (workspace token) are deleted
- Subsequent commands like
relayfile statusorrelayfile mountfail with "credentials not found"
The flag's documented semantics are "sign into the cloud only; do not refresh the workspace token" — removing the workspace token violates this contract. The existing test TestLoginSkipsWorkspaceRefreshWhenFlagSet doesn't catch this because it never pre-saves server credentials before running the command.
Prompt for agents
In runLogin (cmd/relayfile-cli/main.go), the removeCredentialFile(credentialsPath()) call at line 1866 runs even when *skipWorkspace is true, which deletes the user's existing workspace token despite them explicitly opting out of workspace changes via --skip-workspace-refresh.
The fix should guard the credential removal so it only runs when the cloud flow actually attempted (and failed) a workspace refresh. One approach: wrap the removal in an if !*skipWorkspace check, or move it inside the existing if !*skipWorkspace block (after line 1864, before the closing brace). The setup message on line 1869 should probably also be guarded by the same condition, since telling a --skip-workspace-refresh user to run relayfile setup is confusing when they already have a workspace.
Also update TestLoginSkipsWorkspaceRefreshWhenFlagSet to pre-save server credentials and verify they survive the login command.
Was this helpful? React with 👍 or 👎 to provide feedback.
1 participant
Summary
relayfile statusauth diagnostics for expired cloud sessions, expiring access tokens, and daemons started before the latest credential writeFixes #188
Fixes #189
Tests
go test ./cmd/relayfile-cligo test ./...