[FEAT] move authentication to the server #6
Conversation
| @@ -6,6 +6,46 @@ interface TimesheetWidgetProps { | |||
| timesheetData: TimesheetData; | |||
| } | |||
|
|
|||
| //i think u guys have an hours work data but this works too | |||
| function calculateHoursWorked(startTime: string, endTime: string, breakDuration: string): string { | |||
There was a problem hiding this comment.
I think it's more reliable to get the data from the google sheet. We have some special rules for calculating this, and I don't want there to be any issues with differences between frontend and db. Let's take this out for now and we will work on bringing this later along with a few other cool changes.
…ic cognito signup errors
…ank, more error logging
| } | ||
|
|
||
| _, err = cognitoClient.ConfirmSignUp(confirmInput) | ||
| if err != nil { |
There was a problem hiding this comment.
err can be many different errors, and we want to decipher whether its an actual system error (like the lambda failed) or if it's a user error like a code mismatch. If it's a user error, we want to return 400 status with a useful error message so it can be displayed on the frontend alert.
Please look through the SDK docs and figure out ones we should look for.
See this as an example.
| Password: aws.String(resetReq.Password), | ||
| } | ||
|
|
||
| _, err = svc.ConfirmForgotPassword(ctx, input) |
There was a problem hiding this comment.
err can be many different errors, and we want to decipher whether its an actual system error (like the lambda failed) or if it's a user error like a code mismatch. If it's a user error, we want to return 400 status with a useful error message so it can be displayed on the frontend alert.
Please look through the SDK docs and figure out ones we should look for.
See this as an example.
| _, err = svc.ForgotPassword(ctx, input) | ||
| if err != nil { | ||
| fmt.Println("error calling ForgotPassword,", err) | ||
| return events.APIGatewayProxyResponse{ |
There was a problem hiding this comment.
err can be many different errors, and we want to decipher whether its an actual system error (like the lambda failed) or if it's a user error like a code mismatch. If it's a user error, we want to return 400 status with a useful error message so it can be displayed on the frontend alert.
In this case, InvalidParameterException is returned when the email is unverified/doesn't exist. Let's return a 400 with a useful message in that case. Do the same for other user error cases.
Please look through the SDK docs and figure out ones we should look for.
See this as an example.
| 'Content-Type': 'application/json', | ||
| }, | ||
| }); | ||
| switch (response.status) { |
There was a problem hiding this comment.
After updating the backend to include 400 responses for user errors, please handle the 400 responses to display a useful error message to the user so they know what to do next.
See this as an example:
W2FHR/src/frontend/src/components/Authentication/helpers/authentication.ts
Lines 280 to 302 in cec8362
| }, | ||
| body: JSON.stringify({ email, code: verificationCode, password: newPassword }), | ||
| }); | ||
| switch (response.status) { |
There was a problem hiding this comment.
After updating the backend to include 400 responses for user errors, please handle the 400 responses to display a useful error message to the user so they know what to do next.
See this as an example:
W2FHR/src/frontend/src/components/Authentication/helpers/authentication.ts
Lines 280 to 302 in cec8362
There was a problem hiding this comment.
NIT: the error message that's displayed to the client is written both on the backend and frontend. Since the error handling is kinda jank throughout our code, I won't block approval because of it. However, in the future, maybe we should consolidate all the error message to the server and just have the client display the message.
However... LGTM. GOOD WORK!!!
Let's squash merge with a message like [FEAT] move authentication to the server.
…play message when confirmation code doesn't match
…buttons to each step of login/signup/auth
frontend auth branch