Skip to content

[Docs] API Auth panel UI overhaul#1080

Merged
madster456 merged 4 commits intodevfrom
docs/ui/api-window
Jan 20, 2026
Merged

[Docs] API Auth panel UI overhaul#1080
madster456 merged 4 commits intodevfrom
docs/ui/api-window

Conversation

@madster456
Copy link
Copy Markdown
Collaborator

@madster456 madster456 commented Dec 30, 2025
edited by coderabbitai Bot
Loading

Updates the API Docs auth panel for a new look.

image image

Summary by CodeRabbit

Release Notes

  • New Features

    • Added project dropdown selector with automatic authentication setup
    • Introduced manual mode for direct header configuration
    • Added authentication status indicators

  • Bug Fixes

    • Unified error handling across desktop and mobile views
    • Clearing the project selection now resets the selected project and clears authentication headers

  • Style

    • Improved mobile interface with better spacing and safe-area accommodations
    • Refined panel layout and transition animations

✏️ Tip: You can customize this high-level summary in your review settings.

@vercel
Copy link
Copy Markdown

vercel Bot commented Dec 30, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Review Updated (UTC)
stack-backend Ready Ready Preview, Comment Jan 20, 2026 7:12pm
stack-dashboard Ready Ready Preview, Comment Jan 20, 2026 7:12pm
stack-demo Ready Ready Preview, Comment Jan 20, 2026 7:12pm
stack-docs Ready Ready Preview, Comment Jan 20, 2026 7:12pm

@cmux-agent
Copy link
Copy Markdown

cmux-agent Bot commented Dec 30, 2025

Preview Screenshots

Open Diff Heatmap

Preview screenshots are being captured...

Workspace and dev browser links will appear here once the preview environment is ready.

Generated by cmux preview system

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented Dec 30, 2025
edited
Loading

Caution

Review failed

The pull request is closed.

📝 Walkthrough

Walkthrough

Adds deselection handling to project selection: clearing the selected project resets state and replaces auth headers with defaultHeaders; non-empty selections continue existing validation and header initialization (admin access type, project id, clearing admin tokens).

Changes

Cohort / File(s) Summary
AuthPanel — project deselection handling
docs/src/components/api/auth-panel.tsx		 When project selection is emptied, the component now resets selectedProject, applies defaultHeaders to clear auth headers, and returns early. Existing flow for non-empty selections (validate project, set selected project, initialize headers including admin access type and project id, clear admin tokens) remains unchanged.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

Suggested reviewers

  • N2D4

Poem

🐰 A click and the project slips away,
I tidy the headers, clear out the fray.
Default lines hum, tokens retreat,
Selection reset — the panel’s neat.
A tiny hop for tidy display. 🥕

Pre-merge checks and finishing touches

❌ Failed checks (1 warning, 1 inconclusive)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
Description check ❓ Inconclusive The description is minimal and lacks technical details. While it includes screenshots and follows the template structure, it provides no explanation of what changed, why, or how the new implementation works. Add a summary of key changes (new project dropdown, mode switching, visibility changes) and explain the reasoning behind the refactor to help reviewers understand the scope and impact.
✅ Passed checks (1 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately reflects the main change: a UI overhaul of the API Auth panel component with substantial refactoring.
✨ Finishing touches
  • 📝 Generate docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps Bot commented Dec 30, 2025

Greptile Summary

Redesigned the API authentication panel with a modern UI overhaul that replaces the native dropdown with a custom Popover-based project selector and introduces a tabbed interface to toggle between project selection and manual entry modes.

Major changes:

  • Replaced native <select> dropdown with custom ProjectDropdown component using Radix UI Popover
  • Added tabbed interface with "Select Project" and "Manual" modes (when projects are available)
  • Removed homepage scroll detection logic and simplified positioning
  • Changed desktop panel from fixed full-height to absolute positioned with rounded corners and shadow
  • Improved mobile experience with safe-area insets for notched devices
  • Removed field-level "required" badges and error pulsing animations in favor of cleaner layout
  • Removed hideWhenProjectSelected and isSensitive field properties (now all fields shown in manual mode)
  • Streamlined status footer to show simple "Ready" / "Not configured" state

Confidence Score: 4/5

  • Safe to merge - purely UI changes with no security or logic risks
  • This is a UI-focused refactor with improved user experience. The functionality remains the same (project selection and manual header configuration). No security vulnerabilities introduced, all event handlers are properly typed, and the code follows React best practices. Existing state management and authentication logic is preserved.
  • No files require special attention

Important Files Changed

Filename Overview
docs/src/components/api/auth-panel.tsx UI overhaul replacing native select with custom Popover dropdown, simplified layout with cleaner styling and improved mobile support

Sequence Diagram

sequenceDiagram
    participant User
    participant AuthPanel
    participant ProjectDropdown
    participant Popover
    participant APIContext

    User->>AuthPanel: Open auth panel
    AuthPanel->>AuthPanel: Check canUseProjectMode
    alt Has projects
        AuthPanel->>AuthPanel: Set authMode to 'project'
        AuthPanel->>ProjectDropdown: Render dropdown
        User->>ProjectDropdown: Click dropdown trigger
        ProjectDropdown->>Popover: Open popover
        Popover-->>User: Display project list
        User->>ProjectDropdown: Select project
        ProjectDropdown->>AuthPanel: onSelect(projectId)
        AuthPanel->>AuthPanel: handleProjectSelect()
        AuthPanel->>AuthPanel: Update headers with project info
        AuthPanel->>APIContext: updateSharedHeaders()
        AuthPanel->>AuthPanel: Trigger useEffect
        AuthPanel->>User: getAuthJson()
        User-->>AuthPanel: Return admin access token
        AuthPanel->>APIContext: updateSharedHeaders() with token
        APIContext-->>User: Ready to make API requests
    else No projects
        AuthPanel->>AuthPanel: Set authMode to 'manual'
        User->>AuthPanel: Input headers manually
        AuthPanel->>APIContext: updateSharedHeaders()
    end
    
    User->>AuthPanel: Toggle between modes
    AuthPanel->>AuthPanel: setAuthMode('project' | 'manual')
Loading

@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps Bot commented Dec 30, 2025

Greptile's behavior is changing!

From now on, if a review finishes with no comments, we will not post an additional "statistics" comment to confirm that our review found nothing to comment on. However, you can confirm that we reviewed your changes in the status check section.

This feature can be toggled off in your Code Review Settings by deselecting "Create a status check for each PR".

coderabbitai[bot]
coderabbitai Bot reviewed Dec 30, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (2)
docs/src/components/api/auth-panel.tsx (2)

24-31: Remove unused type fields.

The hideWhenProjectSelected and isSensitive fields in StackAuthHeaderField are no longer used anywhere in the code after the refactor. Consider removing them to keep the type definition clean.

🔎 Proposed cleanup 
 type StackAuthHeaderField = {
   key: StackAuthHeaderKey,
   label: string,
   placeholder: string,
   required: boolean,
-  hideWhenProjectSelected?: boolean,
-  isSensitive?: boolean,
 };

172-189: Consider adding loading state or using runAsynchronouslyWithAlert for better UX.

When a project is selected, the admin access token is fetched asynchronously. During this time, the UI displays "Ready to make requests" (line 300), but the token might not be populated yet. If the fetch is slow or fails, users could attempt requests without valid authentication.

Consider either:

  1. Adding a loading state to indicate token fetching is in progress
  2. Using runAsynchronouslyWithAlert instead of runAsynchronously to show alerts on token fetch failures

Based on learnings, the codebase prefers runAsynchronouslyWithAlert from @stackframe/stack-shared/dist/utils/promises for operations where users should be notified of failures.

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e6998cc and 8517f81.

📒 Files selected for processing (1)
  • docs/src/components/api/auth-panel.tsx
🧰 Additional context used
📓 Path-based instructions (3)
**/*.{ts,tsx}

📄 CodeRabbit inference engine (AGENTS.md)

**/*.{ts,tsx}: Always add new E2E tests when changing the API or SDK interface
For blocking alerts and errors, never use toast; use alerts instead as they are less easily missed by the user
NEVER try-catch-all, NEVER void a promise, and NEVER .catch(console.error); use loading indicators and async callbacks instead, or use runAsynchronously/runAsynchronouslyWithAlert for error handling
Use ES6 maps instead of records wherever you can

Files:

  • docs/src/components/api/auth-panel.tsx
**/*.{ts,tsx,css}

📄 CodeRabbit inference engine (AGENTS.md)

**/*.{ts,tsx,css}: Keep hover/click transitions snappy and fast; avoid fade-in delays on hover. Apply transitions after action completion instead, like smooth fade-out when hover ends
Use hover-exit transitions instead of hover-enter transitions; for example, use 'transition-colors hover:transition-none' instead of fade-in on hover

Files:

  • docs/src/components/api/auth-panel.tsx
{.env*,**/*.{ts,tsx,js}}

📄 CodeRabbit inference engine (AGENTS.md)

Prefix environment variables with STACK_ (or NEXT_PUBLIC_STACK_ if public) so changes are picked up by Turborepo and improves readability

Files:

  • docs/src/components/api/auth-panel.tsx
🧠 Learnings (1)
📚 Learning: 2025-10-11T04:13:19.308Z 
Learnt from: N2D4
Repo: stack-auth/stack-auth PR: 943
File: examples/convex/app/action/page.tsx:23-28
Timestamp: 2025-10-11T04:13:19.308Z
Learning: In the stack-auth codebase, use `runAsynchronouslyWithAlert` from `stackframe/stack-shared/dist/utils/promises` for async button click handlers and form submissions instead of manual try/catch blocks. This utility automatically handles errors and shows alerts to users.

Applied to files:

  • docs/src/components/api/auth-panel.tsx
🧬 Code graph analysis (1)
docs/src/components/api/auth-panel.tsx (1)
docs/src/components/icons.tsx (1)
  • ChevronDown (67-69)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (13)
  • GitHub Check: Vercel Agent Review
  • GitHub Check: E2E Tests (Node 22.x, Freestyle mock)
  • GitHub Check: E2E Tests (Node 22.x, Freestyle prod)
  • GitHub Check: setup-tests-with-custom-base-port
  • GitHub Check: lint_and_build (latest)
  • GitHub Check: build (22.x)
  • GitHub Check: docker
  • GitHub Check: restart-dev-and-test-with-custom-base-port
  • GitHub Check: setup-tests
  • GitHub Check: all-good
  • GitHub Check: restart-dev-and-test
  • GitHub Check: check_prisma_migrations (22.x)
  • GitHub Check: build (22.x)
🔇 Additional comments (4)
docs/src/components/api/auth-panel.tsx (4)

48-120: LGTM! Clean implementation of project selection.

The ProjectDropdown component is well-structured with proper accessibility (button roles, keyboard navigation through Popover), clean state management, and smooth transitions. The inclusion of a "clear selection" option improves UX.

196-215: LGTM! Solid project selection logic with defensive validation.

The handler properly validates that the selected project exists before processing, clearly documents the coordination with the token-fetching effect (line 208 comment), and appropriately clears headers that aren't needed for admin authentication.

225-357: LGTM! Desktop UI implementation is polished and follows guidelines.

The desktop panel uses proper absolute positioning, smooth transitions (duration-300 ease-out), and follows the codebase's hover-exit transition pattern. The mode toggle, error display, and status indicator provide clear user feedback. The conditional rendering based on canUseProjectMode handles both authenticated and unauthenticated states elegantly.

360-495: LGTM! Excellent mobile implementation with proper safe-area handling.

The mobile UI thoughtfully adapts the desktop design with appropriate typography scaling (text-base), improved touch targets, and—importantly—proper safe-area handling for notched devices using env(safe-area-inset-top) and env(safe-area-inset-bottom). The structural consistency with the desktop version aids maintainability while the mobile-specific adjustments (Done button, larger spacing) improve the mobile experience.

vercel[bot]
vercel Bot reviewed Dec 30, 2025
View reviewed changes
Comment thread docs/src/components/api/auth-panel.tsx
@madster456 madster456 requested a review from N2D4 January 14, 2026 18:14
@madster456 madster456 merged commit fa1bb2e into dev Jan 20, 2026
2 of 3 checks passed
@madster456 madster456 deleted the docs/ui/api-window branch January 20, 2026 19:05
@madster456 madster456 mentioned this pull request Jan 20, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vercel vercel[bot] vercel[bot] left review comments

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@N2D4 N2D4 N2D4 approved these changes

Assignees

@madster456 madster456

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@madster456 @N2D4