fix[tauri]: ability to actually log out of mobile app

[peterchinman]

No description provided.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

This pull request adds ephemeralSession: true to the iOS in-app SSO authenticate payload. The useLogout hook now uses isNativeMobilePlatform and Solid Router navigate; it clears auth state, awaits authServiceClient.logout(), tracks sign-out, and on native platforms performs a fetch to the logout endpoint then navigates to /login, while on non-native platforms it sets window.location.href to the auth-logout URL. The @inkibra/tauri-plugins git dependency source/commit was updated. No public/exported signatures changed.

Poem

🐰 I hopped to the login gate with care,

A tiny token, ephemeral and fair,
On phone I fetch, then scurry home,
On web the breeze will guide me roam,
Tail twitching, I celebrate the tweak,
Little rabbit dance, light and sleek.

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Description check	❓ Inconclusive	No pull request description was provided by the author, making it impossible to assess relevance to the changeset.	Add a description explaining why the logout fix was needed and what behavior changed in the mobile app logout flow.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'fix[tauri]: ability to actually log out of mobile app' directly describes the main change—fixing logout functionality for the Tauri mobile app.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch peter/tauri-logout

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@js/app/packages/core/auth/logout.ts`:
- Around line 39-48: The code contains a stray period after the opening brace in
the conditional that causes a parse error; remove the extraneous '.' so the if
statement reads if (isNativeMobilePlatform()) { ... } and keep the inner logic
unchanged (the fetch call with credentials/mode/redirect, catch, and
navigate('/login') for isNativeMobilePlatform(), and the window.location.href =
SERVER_HOSTS['auth-logout'] fallback) to restore valid syntax around
isNativeMobilePlatform(), fetch, navigate and SERVER_HOSTS['auth-logout'].
- Around line 40-45: Add a short inline comment above the fire-and-forget logout
fetch to explain why we're using mode: 'no-cors' and swallowing errors (i.e., we
don't want network failures to block client-side navigation), referencing the
fetch to SERVER_HOSTS['auth-logout'] and the subsequent navigate('/login') call;
keep it concise and mention that the request is intentionally non-blocking and
errors are ignored to ensure immediate redirect to login.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: f1e03c28-8e3e-4071-b5e5-8be40388c839

📥 Commits

Reviewing files that changed from the base of the PR and between 980df33 and 8a77a50.

⛔ Files ignored due to path filters (1)

• js/app/tauri/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (2)

• js/app/packages/app/component/auth/LoginOptions.tsx
• js/app/packages/core/auth/logout.ts

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Consider adding a brief comment explaining the fire-and-forget pattern.

The no-cors mode with swallowed errors is intentional for logout, but a brief comment would help future maintainers understand why errors are ignored.

📝 Suggested documentation

     if (isNativeMobilePlatform()) {
+      // Fire-and-forget: clear server session; navigate regardless of success
       await fetch(SERVER_HOSTS['auth-logout'], {
         credentials: 'include',
         mode: 'no-cors',
         redirect: 'manual',
       }).catch(() => {});
       navigate('/login');

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@js/app/packages/core/auth/logout.ts` around lines 40 - 45, Add a short inline
comment above the fire-and-forget logout fetch to explain why we're using mode:
'no-cors' and swallowing errors (i.e., we don't want network failures to block
client-side navigation), referencing the fetch to SERVER_HOSTS['auth-logout']
and the subsequent navigate('/login') call; keep it concise and mention that the
request is intentionally non-blocking and errors are ignored to ensure immediate
redirect to login.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@js/app/packages/core/auth/logout.ts`:
- Line 36: The call to undefined identifiers track and TrackingEvents in
logout.ts is causing the build failure; either remove the redundant
track(TrackingEvents.AUTH.LOGOUT) call (since analytics.track('sign_out') is
already called) or replace it by invoking the existing analytics instance from
useAnalytics() (e.g., use the analytics returned by useAnalytics() to send the
AUTH.LOGOUT event) so you no longer reference the undefined track/TrackingEvents
symbols.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 92d20849-82c8-43d7-8fc3-60fb4279b6e0

📥 Commits

Reviewing files that changed from the base of the PR and between 8a77a50 and 8e19551.

📒 Files selected for processing (1)

• js/app/packages/core/auth/logout.ts

[github-actions]

Preview: https://peter-tauri-logout-dq6tbg.preview.macro.com/app (b941363)

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@js/app/packages/core/auth/logout.ts`:
- Around line 36-42: In logout.ts inside the isNativeMobilePlatform() branch,
remove the awaiting of the fetch to SERVER_HOSTS['auth-logout'] so the network
call becomes fire-and-forget; call fetch(...) without await (keeping the
.catch(() => {}) to swallow errors) and immediately call navigate('/login') so
navigation is not blocked by a stalled request in the logout function.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 4f0f8e45-af43-42a0-8ff2-f6b48a027c6c

📥 Commits

Reviewing files that changed from the base of the PR and between df30c1b and 5c3c15e.

📒 Files selected for processing (1)

• js/app/packages/core/auth/logout.ts

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify that native logout currently gates navigation on awaited fetch.
# Expected: a match showing `await fetch(...)` before `navigate('/login')`.

rg -nPU -C2 "if \(isNativeMobilePlatform\(\)\) \{\n\s*await fetch\(SERVER_HOSTS\['auth-logout'\]," js/app/packages/core/auth/logout.ts
rg -nPU -C2 "await fetch\(SERVER_HOSTS\['auth-logout'\],[\s\S]*?\)\.catch\(\(\) => \{\}\);\n\s*navigate\('/login'\);" js/app/packages/core/auth/logout.ts

Repository: macro-inc/macro

Length of output: 566

---

Make logout navigation fire-and-forget instead of awaiting the network request.

The native mobile logout currently gates the /login navigation on an awaited fetch to the auth-logout endpoint. If that request stalls, the logout UX is delayed even though the error is silently caught and ignored. Remove the await to unblock navigation and provide immediate feedback to the user.

Suggested change

     if (isNativeMobilePlatform()) {
-      await fetch(SERVER_HOSTS['auth-logout'], {
+      void fetch(SERVER_HOSTS['auth-logout'], {
         credentials: 'include',
         mode: 'no-cors',
         redirect: 'manual',
       }).catch(() => {});
       navigate('/login');

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if (isNativeMobilePlatform()) {
	await fetch(SERVER_HOSTS['auth-logout'], {
	credentials: 'include',
	mode: 'no-cors',
	redirect: 'manual',
	}).catch(() => {});
	navigate('/login');
	if (isNativeMobilePlatform()) {
	void fetch(SERVER_HOSTS['auth-logout'], {
	credentials: 'include',
	mode: 'no-cors',
	redirect: 'manual',
	}).catch(() => {});
	navigate('/login');

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@js/app/packages/core/auth/logout.ts` around lines 36 - 42, In logout.ts
inside the isNativeMobilePlatform() branch, remove the awaiting of the fetch to
SERVER_HOSTS['auth-logout'] so the network call becomes fire-and-forget; call
fetch(...) without await (keeping the .catch(() => {}) to swallow errors) and
immediately call navigate('/login') so navigation is not blocked by a stalled
request in the logout function.