feat: improve error handling for expired pending session

[mcstepp]

What does this PR do?

Fixes Linear ENG-1704

When a user has multiple organizations/workspaces, and they do not select a workspace with which to authenticate within 60 seconds, the pending session cookie expires. The organization selector dialog closes without indication of an error or any messaging as to why the authentication did not complete.

This PR adds appropriate error handling to alert the user to the condition and prompts them to re-authenticate.

Type of change

• Bug fix (non-breaking change which fixes an issue)
• [] Chore (refactoring code, technical debt, workflow improvements)
• Enhancement (small improvements)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How should this be tested?

1. Log in as a user with at least 2 workspaces/organizations
2. When the organization selector dialog opens, DO NOT select anything for at least 60 seconds.
3. After at least 60 seconds, select an organization and continue authentication.
4. Dialog should close, and the error banner should appear prompting the user to re-authenticate.

Checklist

Required

• Filled out the "How to test" section in this PR
• Read Contributing Guide
• Self-reviewed my own code
• Commented on my code in hard-to-understand areas
• Ran pnpm build
• Ran pnpm fmt
• Checked for warnings, there are none
• Removed all console.logs
• Merged the latest changes from main onto my branch with git pull origin main
• My changes don't cause any responsiveness issues

Appreciated

• If a UI change was made: Added a screen recording or screenshots to this PR
• Updated the Unkey Docs if changes were necessary

Summary by CodeRabbit

• Bug Fixes
  • Enhanced error messaging during sign-in. Users now receive more descriptive notifications when issues—such as expired authentication sessions—occur, helping guide necessary actions.
  • Improved error reporting during organization selection. This update ensures that any sign-in errors are communicated clearly, offering precise, actionable feedback to enhance overall user experience and system reliability.
  • Added a new error code for session expiration, providing clearer context for users when their pending authentication has expired.

[linear]

ENG-1704 Improve UX for expired temp session token

[changeset-bot]

⚠️ No Changeset found

Latest commit: 16efaa7

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
dashboard	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 8, 2025 8:30pm
engineering	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 8, 2025 8:30pm
play	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 8, 2025 8:30pm
www	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 8, 2025 8:30pm

[coderabbitai]

📝 Walkthrough

Walkthrough

This update refines error handling in the dashboard authentication flow. In the auth actions, a generic error in the completeOrgSelection function is replaced with a more specific message using a new error code. The sign-in components now use a setError function—passed as an onError prop to the organization selector—to manage error states effectively. The organization selector itself incorporates a try-catch block for calling completeOrgSelection, ensuring error messages are properly relayed. Additionally, a new error code, PENDING_SESSION_EXPIRED, with its descriptive message, is added to the authentication type definitions.

Changes

File(s)	Change Summary
apps/dashboard/app/auth/actions.ts	Updated error handling in completeOrgSelection by replacing a generic error with a structured response object that includes success, code, and message.
apps/dashboard/app/auth/sign-in/[[...sign-in]]/page.tsx apps/dashboard/app/auth/sign-in/org-selector.tsx	Enhanced error management in sign-in flow by destructuring setError from useSignIn, adding an onError prop to OrgSelector, and integrating a try-catch block in handleContinue with error forwarding and a finally block for dialog closure.
apps/dashboard/lib/auth/types.ts	Introduced a new enum value PENDING_SESSION_EXPIRED in AuthErrorCode and a corresponding error message in the errorMessages object.

Suggested labels

Bug, 🕹️ oss.gg, :joystick: 150 points, hacktoberfest

Suggested reviewers

• chronark
• ogzhanolguncu
• perkinsjr

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d5b93fe and 16efaa7.

📒 Files selected for processing (1)

• apps/dashboard/app/auth/actions.ts (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• apps/dashboard/app/auth/actions.ts

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: Build / Build
• GitHub Check: Test Agent Local / test_agent_local

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai plan to trigger planning for file edits and PR creation.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Thank you for following the naming conventions for pull request titles! 🙏

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

apps/dashboard/app/auth/sign-in/org-selector.tsx (1)

44-61: Robust error handling implementation.

The try-catch-finally structure provides comprehensive error handling for both API response errors and exceptions. The error message differentiation between Error instances and other errors is a good practice.

Two minor suggestions for consideration:

1. The hardcoded support email in the fallback error message could be moved to a constants file to maintain DRY principles if used elsewhere.
2. You might want to add logging for unexpected errors to help with debugging.

  try {
    const result = await completeOrgSelection(selected);

    if (!result.success) {
      onError(result.message);
    }

    return;
  } catch (error) {
+   // Log unexpected errors for debugging
+   console.error('Error during organization selection:', error);
    const errorMessage =
      error instanceof Error
        ? error.message
        : "Failed to complete organization selection. Please re-authenticate or contact support@unkey.dev";

    onError(errorMessage);
  } finally {
    setIsOpen(false);
  }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between cb34c95 and d5b93fe.

📒 Files selected for processing (2)

• apps/dashboard/app/auth/sign-in/org-selector.tsx (2 hunks)
• apps/dashboard/lib/auth/types.ts (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• apps/dashboard/lib/auth/types.ts

🧰 Additional context used

🧬 Code Graph Analysis (1)

apps/dashboard/app/auth/sign-in/org-selector.tsx (2)

apps/dashboard/app/auth/actions.ts (1)

• completeOrgSelection (159-178)

apps/dashboard/lib/auth/workos.ts (1)

• completeOrgSelection (716-754)

🔇 Additional comments (2)

apps/dashboard/app/auth/sign-in/org-selector.tsx (2)

25-25: Good addition of error handling prop.

Adding the onError callback prop provides a clear and type-safe mechanism for error propagation to the parent component, which aligns perfectly with the PR's objective to improve error handling for expired sessions.

---

28-28: LGTM!

The component signature is properly updated to destructure and use the new onError prop.

[ogzhanolguncu]

With google auth I've waited more than 60 sec and alert didn't appear then this showed up. Maybe just a local/staging issue?

[mcstepp]

What's your vercel log say?

[perkinsjr]

Error: Pending Authentication has expired. Please sign-in again.

Shows in the logs for vercel.

[ogzhanolguncu]

I feel like this a funky staging issue

[mcstepp]

:thinkies:

[perkinsjr]

Server components don't just become funky in staging, this would be the same in production... It's probably because the error gets swallowed incorrectly.

[ogzhanolguncu]

I'm glad we caught it then 😄

[mcstepp]

This is why we test in staging :D

[mcstepp]

Instead of just yeeting to prod

[perkinsjr]

It's because the error is a 500...

[perkinsjr]

So when it's returned it thinks it's a server component error is my guess.

[ogzhanolguncu]

btw its not being triggered until I close the dialog myself. maybe that helps

[perkinsjr]

That is how it would work.

User sits at the screen comes back, clicks "my org" it would return the error to please login again.

[ogzhanolguncu]

but in the pr description it was saying dialog closes automatically bla bla thats why I said this

[perkinsjr]

Ah you did not read.

"The organization selector dialog closes without indication of an error or any messaging as to why the authentication did not complete.
This PR adds appropriate error handling to alert the user to the condition and prompts them to re-authenticate."

[ogzhanolguncu]

shiitt sorry maybe I'm too sleepy 😄

[mcstepp]

I'll change the action to not throw when there's no pending token, and use an error response instead

[mcstepp]

One sec

[ogzhanolguncu]

:chef_kissing_fingers_intensifies:
image.png

[mcstepp]

:lfg: