Skip to content

fix: verification code perf#27631

Merged
sean-brydon merged 1 commit intomainfrom
fix/verificiation-code-perf
Feb 4, 2026
Merged

fix: verification code perf#27631
sean-brydon merged 1 commit intomainfrom
fix/verificiation-code-perf

Conversation

@sean-brydon
Copy link
Member

@sean-brydon sean-brydon commented Feb 4, 2026
edited by cubic-dev-ai bot
Loading

Summary by cubic

Added per-user rate limiting to the sendVerificationCode handler to smooth bursts and improve responsiveness. This reduces load and keeps the verification flow stable under heavy usage.

Written for commit 1f4d301. Summary will update on new commits.

@graphite-app graphite-app bot added core area: core, team members only consumer labels Feb 4, 2026
@graphite-app graphite-app bot requested a review from a team February 4, 2026 18:31
@sean-brydon sean-brydon enabled auto-merge (squash) February 4, 2026 18:33
@paragon-review
Copy link

paragon-review bot commented Feb 4, 2026
edited
Loading

Paragon: tests updated

1 new test generated for this PR.

New Tests

  • sendVerificationCodeHandler tests — Comprehensive unit tests for sendVerificationCodeHandler covering rate limiting (the main change in PR fix: verification code perf #27631), authorization logic for premium users, team plan users, and users with credits, as well as verification code sending functionality.

Accept Changes Open in Paragon

Details

New Tests

  • sendVerificationCodeHandler tests (unit)

cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Feb 4, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 1 file

pedroccastro
pedroccastro reviewed Feb 4, 2026
View reviewed changes
packages/trpc/server/routers/viewer/workflows/sendVerificationCode.handler.ts
throw new TRPCError({ code: "UNAUTHORIZED" });
}

await checkRateLimitAndThrowError({
Copy link
Contributor

@pedroccastro pedroccastro Feb 4, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey! Thanks for looking into this 🙌
I was thinking on a slightly different approach:

  • Moving the rate limit check before the billing gate so we can reject early without running the credits/plan queries
  • Using sms + smsMonth rate limit types instead of core (short-term + monthly cap)

What do you think?

@sean-brydon sean-brydon merged commit 1a0bf47 into main Feb 4, 2026
100 of 102 checks passed
@sean-brydon sean-brydon deleted the fix/verificiation-code-perf branch February 4, 2026 18:41
@pedroccastro pedroccastro mentioned this pull request Feb 4, 2026
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pedroccastro pedroccastro pedroccastro left review comments

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@eunjae-lee eunjae-lee eunjae-lee approved these changes

@joeauyeung joeauyeung joeauyeung approved these changes

Assignees

No one assigned

Labels

consumer core area: core, team members only ready-for-e2e size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sean-brydon @eunjae-lee @pedroccastro @joeauyeung