Skip to content

[dev] [tofikwest] tofik/portal-sign-in-email-otp-error #1870

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Marfuen merged 1 commit into from
Dec 5, 2025
Merged

[dev] [tofikwest] tofik/portal-sign-in-email-otp-error #1870

Marfuen merged 1 commit into from
Dec 5, 2025

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Dec 5, 2025

This is an automated pull request to merge tofik/portal-sign-in-email-otp-error into dev.
It was created by the [Auto Pull Request] action.

@cursor
Copy link

cursor bot commented Dec 5, 2025
edited
Loading

PR Summary

Pass request headers to email OTP sign-in, adapt Better Auth config, and upgrade better-auth to 1.4.5.

  • Auth/Login:
    • Pass request headers and enable asResponse in login.ts when calling auth.api.signInEmailOTP.
    • Fix error message typo for rate limiting.
  • Better Auth Config:
    • Update advanced config to use advanced.database.generateId: false in lib/auth.ts.
  • Dependencies:
    • Upgrade better-auth to ^1.4.5 in apps/portal/package.json and to 1.4.5 in root package.json; update lockfile.

Written by Cursor Bugbot for commit 390989d. This will update automatically on new commits. Configure here.

@vercel
Copy link

vercel bot commented Dec 5, 2025

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
app Building Building Preview Comment Dec 5, 2025 11:22pm
portal Building Building Preview Comment Dec 5, 2025 11:22pm

@graphite-app graphite-app bot requested a review from Marfuen December 5, 2025 23:22
@Marfuen Marfuen merged commit 64c12a7 into main Dec 5, 2025
8 of 12 checks passed
@Marfuen Marfuen deleted the tofik/portal-sign-in-email-otp-error branch December 5, 2025 23:23
@graphite-app
Copy link

graphite-app bot commented Dec 5, 2025

Graphite Automations

"Auto-assign PRs to Author" took an action on this PR • (12/05/25)

1 reviewer was added to this PR based on Mariano Fuentes's automation.

cursor[bot]
cursor bot reviewed Dec 5, 2025
View reviewed changes
apps/portal/src/app/actions/login.ts
email: parsedInput.email,
otp: parsedInput.otp,
},
asResponse: true,
Copy link

@cursor cursor bot Dec 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Missing response status check causes false login success

When using asResponse: true with auth.api.signInEmailOTP, the API returns a Response object instead of throwing on errors. The code ignores this response and unconditionally returns { success: true }, meaning failed OTP authentication (invalid/expired codes) will incorrectly report success to the client. Other usages of asResponse: true in the codebase properly check response.ok before considering the operation successful.

Fix in Cursor Fix in Web

claudfuen pushed a commit that referenced this pull request Dec 5, 2025
@semantic-release-bot
chore(release): 1.68.0 [skip ci]
249d57c 
# [1.68.0](v1.67.1...v1.68.0) (2025-12-05)

### Bug Fixes

* **home:** improve error handling in organization page ([#1869](#1869)) ([e86a2c2](e86a2c2))

### Features

* **auth:** update better-auth to version 1.4.5 and improve login handling ([#1870](#1870)) ([64c12a7](64c12a7))
@claudfuen
Copy link
Contributor

claudfuen commented Dec 5, 2025

🎉 This PR is included in version 1.68.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@Marfuen Marfuen Awaiting requested review from Marfuen

Assignees

No one assigned

Labels

automated-pr released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@claudfuen @Marfuen @tofikwest