fix(platform): use safeGetAuthUser for graceful unauthenticated handling #500

Merged: larryro merged 3 commits into main from fix/use-safe-get-auth-user-for-queries on Feb 20, 2026

@larryro larryro commented Feb 20, 2026

Summary

  • authComponent.getAuthUser() throws ConvexError("Unauthenticated") instead of returning null, making null checks in query/helper functions dead code
  • Switched 8 call sites across 6 files to safeGetAuthUser() which returns undefined instead of throwing, allowing queries to gracefully return null/false for unauthenticated users
  • Mutations and actions that intentionally require authentication remain unchanged

Test plan

  • Verify hasMicrosoftAccount query no longer throws Unauthenticated error in Convex logs
  • Verify unauthenticated users see graceful fallback behavior (no error toasts)
  • Verify authenticated users still get correct results from all modified functions
  • TypeScript typecheck passes (npx tsc --noEmit)

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Refactor
    • Improved internal authentication handling across account, organization, and single sign-on services.

…cated users gracefully

getAuthUser throws ConvexError("Unauthenticated") instead of returning null,
making the null checks in these functions dead code. Switch to safeGetAuthUser
which returns undefined, allowing queries to return null/false as intended.

greptile-apps Bot commented Feb 20, 2026

Greptile Summary

Replaced authComponent.getAuthUser() with authComponent.safeGetAuthUser() across 8 call sites in 6 files to prevent ConvexError("Unauthenticated") exceptions in queries and helpers that should gracefully handle unauthenticated users.

  • All modified functions are queries, helpers, or actions that already had null-checking logic
  • The switch from throwing getAuthUser() to non-throwing safeGetAuthUser() makes existing null checks functional instead of dead code
  • Mutations and other authentication-requiring operations correctly remain unchanged
  • Allows UI to display graceful fallbacks instead of error toasts for unauthenticated users

Confidence Score: 5/5

  • This PR is safe to merge with minimal risk
  • The changes are surgical and well-scoped, replacing a throwing authentication method with a non-throwing variant in functions that already handle null cases. All modified functions are queries/helpers designed to work with unauthenticated users, while mutations correctly continue using the throwing variant for security.
  • No files require special attention

Important Files Changed

| Filename | Overview |
| --- | --- |
| services/platform/convex/accounts/helpers.ts | replaced getAuthUser with safeGetAuthUser in 3 query functions to handle unauthenticated users gracefully |
| services/platform/convex/onedrive/with_microsoft_token.ts | switched to safeGetAuthUser to return error object instead of throwing for unauthenticated users |
| services/platform/convex/organizations/get_current_organization.ts | changed to safeGetAuthUser allowing graceful null return for unauthenticated access |
| services/platform/convex/organizations/get_organization.ts | updated to safeGetAuthUser to return null instead of throwing when unauthenticated |
| services/platform/convex/sso_providers/get_auth_user.ts | switched to safeGetAuthUser for consistent null handling without exceptions |
| services/platform/convex/sso_providers/get_microsoft_token.ts | replaced getAuthUser with safeGetAuthUser to gracefully return null for unauthenticated queries |

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Query/Helper Function Called] --> B{User Authenticated?}
    
    B -->|No - Before PR| C[getAuthUser throws ConvexError]
    C --> D[Error Toast in UI]
    
    B -->|No - After PR| E[safeGetAuthUser returns undefined]
    E --> F[Null check catches it]
    F --> G[Return null/false gracefully]
    G --> H[UI shows fallback state]
    
    B -->|Yes - Both versions| I[Returns user object]
    I --> J[Continue with business logic]
    J --> K[Return actual data]

Last reviewed commit: 5b619c3


coderabbitai Bot commented Feb 20, 2026

Walkthrough

This pull request systematically replaces calls to authComponent.getAuthUser(ctx) with authComponent.safeGetAuthUser(ctx) across six files in the Convex backend services layer. The changes affect authentication retrieval in accounts, Microsoft token handling, organization queries, and SSO provider functions. All surrounding null-check logic and control flow remain unchanged; only the authentication retrieval mechanism is updated.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |

✅ Passed checks (2 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately describes the main change: replacing getAuthUser() with safeGetAuthUser() across multiple files to enable graceful unauthenticated handling. It is specific, concise, and clearly communicates the primary fix. |

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@services/platform/convex/accounts/helpers.ts`:
- Around line 50-53: getMicrosoftAccount currently logs a console.warn when
safeGetAuthUser returns null even though unauthenticated is a valid,
non-exceptional path; remove the noisy warning and return null silently (or use
debug-only logging) so unauthenticated queries don't spam logs. Locate the
getMicrosoftAccount function and the authComponent.safeGetAuthUser call and
delete or replace the console.warn('getMicrosoftAccount: No authenticated user')
with no-op or a debug logger call, and ensure any similar handling of
authComponent.getAuthUser in Convex query handlers follows the same
silent/empty-catch pattern.

Comment thread services/platform/convex/accounts/helpers.ts
@larryro larryro merged commit a4570e0 into main Feb 20, 2026
16 checks passed
@larryro larryro deleted the fix/use-safe-get-auth-user-for-queries branch February 20, 2026 12:50
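
The behaviour discussed in this thread, as an added example that is not code from this repository: a throwing getAuthUser makes the caller's null check unreachable, a non-throwing safeGetAuthUser lets a read-only query fail closed, and a state-changing function keeps the throwing variant. Here `authComponent` is a synchronous stand-in (real Convex handlers are async), and `User`, `Ctx`, `microsoftLinked`, `UnauthenticatedError`, `renameOrganization` and `outcome` are hypothetical names.

```typescript
// Stand-ins only: not the repository's code or the real auth component.
type User = { _id: string; microsoftLinked: boolean }; // hypothetical shape
type Ctx = { session?: User };                         // hypothetical context

class UnauthenticatedError extends Error {
  constructor() {
    super("Unauthenticated");
  }
}

const authComponent = {
  // Throwing variant: a caller never observes null or undefined.
  getAuthUser(ctx: Ctx): User {
    if (!ctx.session) throw new UnauthenticatedError();
    return ctx.session;
  },
  // Non-throwing variant: undefined means "no signed-in user".
  safeGetAuthUser(ctx: Ctx): User | undefined {
    return ctx.session;
  },
};

// Before: the throw happens first, so the check below is dead code.
function hasMicrosoftAccountBefore(ctx: Ctx): boolean {
  const user = authComponent.getAuthUser(ctx);
  if (!user) return false; // never reached for anonymous callers
  return user.microsoftLinked;
}

// After: the read-only query fails closed with a plain false.
function hasMicrosoftAccountAfter(ctx: Ctx): boolean {
  const user = authComponent.safeGetAuthUser(ctx);
  if (!user) return false;
  return user.microsoftLinked;
}

// State-changing path keeps the throwing variant, so it cannot run anonymously.
function renameOrganization(ctx: Ctx, name: string): string {
  const user = authComponent.getAuthUser(ctx);
  return `${user._id} renamed the organization to ${name}`;
}

// Reports either the returned value or the error message.
function outcome(fn: () => unknown): string {
  try {
    return String(fn());
  } catch (e) {
    return `threw: ${(e as Error).message}`;
  }
}
```

When reviewing a change like this one, the thing to confirm per call site is that the unauthenticated branch returns an empty result and never falls through to data access.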