fix: harden Firebase auth error handling and fix silent regression in RegisterPage#16
Merged
Conversation
- SocialAuth restores local error state; calls clearError() to prevent parent forms from double-displaying the same error - Fixed silent failure in RegisterPage Step 1 where social auth errors were only rendered on Step 3 (caught by Codex adversarial review) - Updated auth/popup-closed-by-user message to mention env vars and Firebase Authorized Domains as the most common cause on new deploys - Error color unified to text-verdict-fail (was text-red-500)
- CLAUDE.md: Docker base image rules (Alpine vs node:XX-alpine), npm install vs npm ci rules, Firebase auth deployment checklist, error code reference (popup-closed, unauthorized-domain, etc.) - TODOS.md: created with P2 items for Firebase health endpoint and Vitest auth unit test setup
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
RegisterPageStep 1 were invisible to the user (error was rendered only on Step 3; navigating away cleared it). Caught by Codex adversarial review during CEO+Eng review session.SocialAuthnow owns its own error display via local state, callsclearError()after catching to prevent parent forms (SignInForm,SignUpFlow) from double-displaying the same error message.auth/popup-closed-by-usermessage to mention missing env vars and Firebase Authorized Domains as the most common cause on fresh deployments (matching CLAUDE.md runbook).SocialAuthunified totext-verdict-faildesign system token (wastext-red-500).firebaseConfiguredexport added tofirebase.js— UI renders "Social sign-in is not configured." when Firebase env vars are absent.auth/account-exists-with-different-credential,auth/popup-blocked,auth/popup-closed-by-user,auth/unauthorized-domain.Test Coverage
Test generation skipped — no test framework configured. Vitest setup tracked in TODOS.md (P2).
Test plan written to
~/.gstack/projects/Quorum/for/qaand/qa-onlyconsumption.Critical paths to verify manually:
Pre-Landing Review
1 issue found, 1 auto-fixed:
[AUTO-FIXED]SocialAuth.jsx:50—text-red-500→text-verdict-fail(design system consistency)Design Review
Design Review (lite): 1 finding — 1 auto-fixed, 0 skipped. Color token consistency: clean.
Eval Results
No prompt-related files changed — evals skipped.
Greptile Review
No Greptile comments.
TODOS
GET /api/auth/firebase-health)Test plan
🤖 Generated with Claude Code