fix(auth): trezor auth flow and wallet main state updates

[takenagain]

Fixes the Trezor auth login bug by

• Calling setState in addPostFrameCallback to fix the issue with BlocConsumer not calling the builder function for auth state updates (successful login).
• Skipping the lifecycle resume check for Trezor for now until the connection status RPC can be incorporated to check the connection status on resume.

Before

Screen.Recording.2025-07-09.at.14.34.48.mov

After

after.mov

Summary by CodeRabbit

• Bug Fixes

  • Improved tab navigation stability in the wallet view, ensuring smoother updates when authentication status changes.
  • Enhanced authentication handling to better support Trezor wallets, preventing certain users from being incorrectly logged in.

• Refactor

  • Streamlined internal state management for authentication and wallet tab controls for improved reliability.

[coderabbitai]

Walkthrough

The changes update authentication and wallet UI logic. They introduce an abstract method for listening to authentication state changes in the Trezor authentication mixin, refine error handling formatting, and improve tab controller management in the wallet main view. Mixins and class inheritance are updated for clarity and correctness.

Changes

File(s)	Change Summary
lib/bloc/auth_bloc/auth_bloc.dart	Refined import order, added condition to exclude 'trezor' wallets from certain auth logic, added @OverRide.
lib/bloc/auth_bloc/trezor_auth_mixin.dart	Added abstract _listenToAuthStateChanges method, improved error formatting, minor logic and declaration tweaks.
lib/views/wallet/wallet_page/wallet_main/wallet_main.dart	Switched to TickerProviderStateMixin, added _updateTabController, deferred setState, reorganized imports.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant WalletMain
    participant AuthBloc
    participant TrezorAuthMixin

    User->>WalletMain: Interacts with wallet UI
    WalletMain->>AuthBloc: Listens for Auth State
    AuthBloc->>TrezorAuthMixin: Calls _listenToAuthStateChanges()
    TrezorAuthMixin-->>AuthBloc: Abstract method implemented in AuthBloc
    AuthBloc-->>WalletMain: Emits Auth State changes
    WalletMain->>WalletMain: Calls _updateTabController(authenticated)

Loading

Suggested labels

QA

Suggested reviewers

• smk762
• CharlVS
• AndrewDelaney

Poem

A rabbit hops through code so bright,
Tweaking tabs and auth just right.
Trezor listens, states align,
Errors formatted—oh, so fine!
With every hop, the wallet’s neat—
Bugs retreat in swift defeat!
🐇✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between acd6386 and a0565e9.

📒 Files selected for processing (3)

• lib/bloc/auth_bloc/auth_bloc.dart (2 hunks)
• lib/bloc/auth_bloc/trezor_auth_mixin.dart (8 hunks)
• lib/views/wallet/wallet_page/wallet_main/wallet_main.dart (4 hunks)

🧰 Additional context used

🧠 Learnings (3)

lib/views/wallet/wallet_page/wallet_main/wallet_main.dart (6)

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2566
File: lib/bloc/coins_bloc/coins_bloc.dart:10-10
Timestamp: 2025-04-01T15:51:37.060Z
Learning: In the Komodo Wallet project, part files share imports with their parent files. The import for `app_config.dart` in `coins_bloc.dart` is necessary because the part file `coins_state.dart` uses `excludedAssetList` from that package.

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2611
File: test_units/tests/system_health/system_clock_repository_test.dart:7-8
Timestamp: 2025-05-08T19:07:13.442Z
Learning: In the Komodo Wallet project, test files are structured to define test functions that are called from a central test runner in test_units/main.dart, rather than each test file having its own main() function.

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2611
File: test_units/tests/system_health/system_clock_repository_test.dart:7-8
Timestamp: 2025-05-08T19:07:13.442Z
Learning: In the Komodo Wallet project, test files are structured to define test functions that are called from a central test runner in test_units/main.dart, rather than each test file having its own main() function.

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2566
File: lib/bloc/coins_bloc/coins_bloc.dart:10-10
Timestamp: 2025-04-01T15:51:37.060Z
Learning: The `excludedAssetList` from `app_config.dart` is used in the `_filterExcludedAssets` method in `coins_state.dart`. Since `coins_state.dart` is a part file of `coins_bloc.dart`, the import needs to be in the parent file even though it's not directly used there. In Dart, part files share the namespace and imports of their parent files.

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2611
File: test_units/tests/system_health/http_head_time_provider_test.dart:8-24
Timestamp: 2025-05-08T19:05:13.083Z
Learning: In the Komodo Wallet project, test functions are defined in individual files under `test_units/tests/` but are executed through the central entry point in `test_units/main.dart`, so individual test files don't need their own `main()` function.

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2608
File: lib/bloc/fiat/fiat_onramp_form/fiat_form_bloc.dart:2-3
Timestamp: 2025-05-01T21:00:36.970Z
Learning: It's acceptable to use unconditional `dart:io` imports in the Komodo wallet codebase when the usage is guarded by `!kIsWeb` conditional checks that prevent the platform-specific code from being executed in web environments.

lib/bloc/auth_bloc/auth_bloc.dart (6)

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2566
File: lib/bloc/coins_bloc/coins_bloc.dart:10-10
Timestamp: 2025-04-01T15:51:37.060Z
Learning: In the Komodo Wallet project, part files share imports with their parent files. The import for `app_config.dart` in `coins_bloc.dart` is necessary because the part file `coins_state.dart` uses `excludedAssetList` from that package.

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2566
File: lib/bloc/coins_bloc/coins_bloc.dart:10-10
Timestamp: 2025-04-01T15:51:37.060Z
Learning: The `excludedAssetList` from `app_config.dart` is used in the `_filterExcludedAssets` method in `coins_state.dart`. Since `coins_state.dart` is a part file of `coins_bloc.dart`, the import needs to be in the parent file even though it's not directly used there. In Dart, part files share the namespace and imports of their parent files.

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2608
File: lib/bloc/fiat/fiat_onramp_form/fiat_form_bloc.dart:2-3
Timestamp: 2025-05-01T21:00:36.970Z
Learning: It's acceptable to use unconditional `dart:io` imports in the Komodo wallet codebase when the usage is guarded by `!kIsWeb` conditional checks that prevent the platform-specific code from being executed in web environments.

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2611
File: test_units/tests/system_health/system_clock_repository_test.dart:7-8
Timestamp: 2025-05-08T19:07:13.442Z
Learning: In the Komodo Wallet project, test files are structured to define test functions that are called from a central test runner in test_units/main.dart, rather than each test file having its own main() function.

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2611
File: test_units/tests/system_health/system_clock_repository_test.dart:7-8
Timestamp: 2025-05-08T19:07:13.442Z
Learning: In the Komodo Wallet project, test files are structured to define test functions that are called from a central test runner in test_units/main.dart, rather than each test file having its own main() function.

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2611
File: test_units/tests/system_health/http_head_time_provider_test.dart:8-24
Timestamp: 2025-05-08T19:05:13.083Z
Learning: In the Komodo Wallet project, test functions are defined in individual files under `test_units/tests/` but are executed through the central entry point in `test_units/main.dart`, so individual test files don't need their own `main()` function.

lib/bloc/auth_bloc/trezor_auth_mixin.dart (1)

Learnt from: takenagain
PR: KomodoPlatform/komodo-wallet#2566
File: lib/bloc/coins_bloc/coins_bloc.dart:10-10
Timestamp: 2025-04-01T15:51:37.060Z
Learning: In the Komodo Wallet project, part files share imports with their parent files. The import for `app_config.dart` in `coins_bloc.dart` is necessary because the part file `coins_state.dart` uses `excludedAssetList` from that package.

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (11)

• GitHub Check: build_and_preview
• GitHub Check: Test web-app-linux-profile
• GitHub Check: Test web-app-macos
• GitHub Check: Build Desktop (linux)
• GitHub Check: Build Desktop (windows)
• GitHub Check: Build Desktop (macos)
• GitHub Check: Build Mobile (iOS)
• GitHub Check: Build Mobile (Android)
• GitHub Check: osv_scan
• GitHub Check: unit_tests
• GitHub Check: validate_code_guidelines

🔇 Additional comments (18)

lib/bloc/auth_bloc/auth_bloc.dart (4)

5-6: Import reorganization looks good.

The import statement for PrivateKeyPolicy is properly organized and follows Dart conventions.

---

330-331: Well-implemented Trezor wallet detection logic.

The logic correctly identifies Trezor wallets by checking the private key policy using a proper equality comparison with the expected PrivateKeyPolicy.trezor() value.

---

333-336: Proper exclusion of Trezor wallets from auto-login.

The conditional check correctly excludes Trezor wallets from the automatic login process during lifecycle checks, which aligns with the specialized Trezor authentication flow handled by the mixin.

---

339-340: Correct implementation of abstract method.

The @override annotation properly indicates that this method implements the abstract method defined in TrezorAuthMixin, ensuring the authentication state listening is properly integrated.

lib/views/wallet/wallet_page/wallet_main/wallet_main.dart (5)

5-21: Import reorganization approved.

The import statements have been reorganized but maintain all necessary dependencies. The reordering appears to follow a logical grouping pattern.

---

55-55: Good mixin upgrade for multiple controller support.

Changing from SingleTickerProviderStateMixin to TickerProviderStateMixin is appropriate as it provides more flexibility for managing multiple animation controllers if needed in the future.

---

70-72: Excellent fix for potential build conflicts.

Wrapping the setState call in addPostFrameCallback prevents potential issues where state updates might occur during the build phase, which could cause exceptions.

---

77-83: Well-designed tab controller update logic.

The new _updateTabController method properly:

• Checks if the controller length needs to change
• Disposes the old controller before creating a new one
• Reuses the existing _initTabController method

This approach prevents memory leaks and ensures proper controller lifecycle management.

---

119-122: Proper integration of new tab controller management.

The switch from _initTabController to _updateTabController in the BlocConsumer listener ensures that the tab controller is properly updated when authentication state changes, maintaining the existing tab state when possible.

lib/bloc/auth_bloc/trezor_auth_mixin.dart (9)

16-18: Well-defined abstract method contract.

The abstract method _listenToAuthStateChanges() properly defines the contract that implementing classes must follow, with clear documentation about its purpose.

---

25-27: Improved const usage for better performance.

The changes properly use const for the authOptions variable and correctly remove the unnecessary const keyword from the PrivateKeyPolicy.trezor() constructor call.

---

42-42: Proper integration of auth state listening.

Calling _listenToAuthStateChanges() after the authentication stream completes ensures that the authentication state monitoring starts at the appropriate time in the Trezor authentication flow.

---

60-60: Good method signature formatting.

The method signature reformatting improves readability while maintaining the same functionality.

---

93-93: Correct async/await optimization.

Removing the unnecessary await keyword and returning the future directly is a good optimization that doesn't change the behavior but improves performance slightly.

---

95-107: Enhanced error handling readability.

The multi-line formatting for error handling improves code readability and makes it easier to understand the error construction parameters.

---

120-125: Consistent error formatting in wallet setup.

The error handling formatting is consistent with the other error cases in the file, improving overall code maintainability.

---

149-170: Consistent error formatting in PIN handling.

The multi-line error formatting in the PIN handling methods matches the pattern used throughout the file, improving consistency and readability.

---

181-205: Consistent error formatting in passphrase handling.

The error formatting in the passphrase handling method maintains consistency with the rest of the file while improving readability.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[takenagain]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[github-actions]

Visit the preview URL for this PR (updated for commit a0565e9):

https://walletrc--pull-2890-merge-vm2xtza9.web.app

_{(expires Wed, 16 Jul 2025 13:19:30 GMT)}

_{🔥 via Firebase Hosting GitHub Action 🌎}

_{Sign: f66a4ff03faa546f12f0ae5a841bd9eff2714dcc}

[Copilot]

Pull Request Overview

This PR fixes the Trezor authentication flow by ensuring UI state updates correctly after login and adjusts the TabController when auth state changes. It also refactors Trezor mixin error handling and scopes the initial auth listener to non-Trezor wallets.

• Add post-frame callback for safe setState on tab changes and introduce _updateTabController
• Refactor Trezor auth mixin to use const, multi-line error emits, and declare abstract listener hook
• Modify auth bloc to only auto-listen for non-Trezor wallets on startup

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File	Description
lib/views/wallet/wallet_page/wallet_main/wallet_main.dart	Wraps setState in addPostFrameCallback, replaces inline length checks with _updateTabController helper
lib/bloc/auth_bloc/trezor_auth_mixin.dart	Adds abstract _listenToAuthStateChanges(), converts AuthOptions to const, reformats error emits
lib/bloc/auth_bloc/auth_bloc.dart	Imports PrivateKeyPolicy higher, changes startup listener to skip Trezor wallets

Comments suppressed due to low confidence (1)

lib/views/wallet/wallet_page/wallet_main/wallet_main.dart:77

• [nitpick] Consider guarding against disposing an uninitialized _tabController (e.g., check for null or mounted) before calling dispose() to avoid potential runtime errors.

  void _updateTabController(bool authenticated) {

[Copilot]

Spelling: "overriden" should be corrected to "overridden" in the doc comment.

Suggested change

	/// Abstract method overriden in [AuthBloc] to start listening
	/// Abstract method overridden in [AuthBloc] to start listening

[Copilot]

[nitpick] The error emission code is duplicated across multiple branches; consider extracting a helper method to construct and emit error states to reduce repetition.

[Copilot]

This condition prevents emitting loggedIn for Trezor wallets on startup. If Trezor authentication should also trigger loggedIn, this logic may skip necessary state updates.

Suggested change

	if (currentUser != null && !isTrezorWallet) {
	if (currentUser != null) {