Skip to content

Fix potential race condition bug in pwless login #2758

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
alexvuong merged 35 commits into from
Jul 14, 2025
Merged

Fix potential race condition bug in pwless login #2758

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
35 commits
Select commit Hold shift + click to select a range
ea3b3df
fix pwless login in checkout contact info
alexvuong Jul 8, 2025
dc12c4a
fix changelog
alexvuong Jul 8, 2025
fc5e79e
minor fix
alexvuong Jul 8, 2025
d48e1af
lint
alexvuong Jul 8, 2025
c1c3804
lint
alexvuong Jul 8, 2025
0e89a9d
small fix
alexvuong Jul 8, 2025
80b0bfd
clean up
alexvuong Jul 8, 2025
86d6229
build translations
alexvuong Jul 8, 2025
eea3677
provide context
alexvuong Jul 8, 2025
5d705a3
apply the same for use auth modal
alexvuong Jul 9, 2025
6af0bca
fix the logic in use auth modal
alexvuong Jul 10, 2025
91c722e
fix the logic in login page
alexvuong Jul 10, 2025
9f6a29c
fix the logic in login page
alexvuong Jul 10, 2025
58bbcb3
translations
alexvuong Jul 10, 2025
8dec3de
Merge branch 'develop' into fix-pwless-login-contact-checkout
alexvuong Jul 10, 2025
b0a004f
lint
alexvuong Jul 10, 2025
774ab91
Merge branch 'develop' into fix-pwless-login-contact-checkout
alexvuong Jul 10, 2025
952ef3e
lint
alexvuong Jul 10, 2025
1233881
lint
alexvuong Jul 10, 2025
874797a
Merge branch 'develop' into fix-pwless-login-contact-checkout
alexvuong Jul 10, 2025
db741e2
allow enter to be aware of passwordless
alexvuong Jul 11, 2025
9180224
lint
alexvuong Jul 11, 2025
847f979
edit changlog
alexvuong Jul 11, 2025
bddbfe4
remove constant
alexvuong Jul 11, 2025
443a51a
simplify the logic
alexvuong Jul 14, 2025
07d4e75
simplify the logic
alexvuong Jul 14, 2025
eaa944a
simplify the logic
alexvuong Jul 14, 2025
c9626da
simplify the logic
alexvuong Jul 14, 2025
168c9f2
revert test
alexvuong Jul 14, 2025
c5c5756
lint
alexvuong Jul 14, 2025
f329e64
Merge branch 'develop' into fix-pwless-login-contact-checkout
alexvuong Jul 14, 2025
2ec021a
revert constants.js
alexvuong Jul 14, 2025
c60168e
Merge remote-tracking branch 'origin/fix-pwless-login-contact-checkou…
alexvuong Jul 14, 2025
1fd92cd
PR feedback
alexvuong Jul 14, 2025
251b983
Merge branch 'develop' into fix-pwless-login-contact-checkout
alexvuong Jul 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion packages/template-retail-react-app/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
- Minor updates to support BOPIS E2E tests [#2716](https://github.com/SalesforceCommerceCloud/pwa-kit/pull/2716)
- Provide support for partial hydration [#2696](https://github.com/SalesforceCommerceCloud/pwa-kit/pull/2696)
- Show Automatic Bonus Products on Cart Page [#2704](https://github.com/SalesforceCommerceCloud/pwa-kit/pull/2704)

- Fix passwordless race conditions in checkout contact info form [#2758](https://github.com/SalesforceCommerceCloud/pwa-kit/pull/2758)

## v6.1.0 (May 22, 2025)

Expand Down
31 changes: 16 additions & 15 deletions packages/template-retail-react-app/app/components/social-login/index.jsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,21 +96,22 @@ const SocialLogin = ({form, idps = []}) => {
const config = IDP_CONFIG[name.toLowerCase()]
const Icon = config?.icon
const message = formatMessage(config?.message)
return (
config && (
<Button
onClick={() => {
onSocialLoginClick(name)
}}
borderColor="gray.500"
color="blue.600"
variant="outline"
>
<Icon sx={{marginRight: 2}} />
{message}
</Button>
)
)
return (
config && (
<Button
key={name}
onClick={() => {
onSocialLoginClick(name)
}}
borderColor="gray.500"
color="blue.600"
variant="outline"
>
<Icon sx={{marginRight: 2}} />
{message}
</Button>
)
)
})}
</>
)
Expand Down
40 changes: 33 additions & 7 deletions packages/template-retail-react-app/app/pages/checkout/partials/contact-info.jsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,11 +107,6 @@ const ContactInfo = ({isSocialEnabled = false, isPasswordlessEnabled = false, id

const submitForm = async (data) => {
setError(null)
if (isPasswordlessLoginClicked) {
handlePasswordlessLogin(data.email)
setIsPasswordlessLoginClicked(false)
return
}
try {
if (!data.password) {
await updateCustomerForBasket.mutateAsync({
Expand Down Expand Up @@ -166,8 +161,39 @@ const ContactInfo = ({isSocialEnabled = false, isPasswordlessEnabled = false, id
}
}, [showPasswordField])

const onPasswordlessLoginClick = async () => {
setIsPasswordlessLoginClicked(true)
const onPasswordlessLoginClick = async (e) => {
// Prevent form submission
if (e) {
e.preventDefault()
e.stopPropagation()
}
const email = form.getValues().email
if (!email) {
form.setError('email', {
type: 'manual',
message: formatMessage({
defaultMessage: 'Please enter your email address.',
id: 'contact_info.error.email_required'
})
})
return
}

// Validate email format
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/
if (!emailRegex.test(email)) {
form.setError('email', {
type: 'manual',
message: formatMessage({
defaultMessage: 'Please enter a valid email address.',
id: 'contact_info.error.email_invalid'
})
})
return
}

// Handle passwordless login directly
await handlePasswordlessLogin(email)
}

return (
Expand Down
13 changes: 9 additions & 4 deletions packages/template-retail-react-app/app/pages/checkout/partials/contact-info.test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ jest.mock('../util/checkout-context', () => {

afterEach(() => {
jest.resetModules()
jest.restoreAllMocks()
})

describe('passwordless and social disabled', () => {
Expand Down Expand Up @@ -148,9 +149,11 @@ describe('passwordless enabled', () => {
})

test('allows passwordless login', async () => {
jest.spyOn(window, 'location', 'get').mockReturnValue({
pathname: '/checkout'
const mockLocation = jest.spyOn(window, 'location', 'get').mockReturnValue({
pathname: '/checkout',
origin: 'https://webhook.site'
Copy link
Contributor Author

@alexvuong alexvuong Jul 8, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fix error during tests

 console.error
    TypeError: Invalid URL: undefined//mobify/proxy/api
        ....

})

const {user} = renderWithProviders(<ContactInfo isPasswordlessEnabled={true} />)

// enter a valid email address
Expand All @@ -160,7 +163,6 @@ describe('passwordless enabled', () => {
const passwordlessLoginButton = screen.getByText('Secure Link')
// Click the button twice as the isPasswordlessLoginClicked state doesn't change after the first click
await user.click(passwordlessLoginButton)
await user.click(passwordlessLoginButton)
expect(
mockAuthHelperFunctions[AuthHelpers.AuthorizePasswordless].mutateAsync
).toHaveBeenCalledWith({
Expand All @@ -177,14 +179,17 @@ describe('passwordless enabled', () => {
})

// resend the email
user.click(screen.getByText(/Resend Link/i))
await user.click(screen.getByText(/Resend Link/i))
expect(
mockAuthHelperFunctions[AuthHelpers.AuthorizePasswordless].mutateAsync
).toHaveBeenCalledWith({
userid: validEmail,
callbackURI:
'https://webhook.site/27761b71-50c1-4097-a600-21a3b89a546c?redirectUrl=/checkout'
})

// Cleanup mocks
mockLocation.mockRestore()
})

test('allows login using password', async () => {
Expand Down
2 changes: 1 addition & 1 deletion packages/template-retail-react-app/app/pages/checkout/partials/login-state.jsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ const LoginState = ({
<Button
variant="outline"
borderColor="gray.500"
type="submit"
type="button"
Copy link
Contributor Author

@alexvuong alexvuong Jul 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We know that pwless does not require the same flow as other flows, we can safely use type=button to avoid it go through submission and handle the flow right in the onPasswordlessLoginClick handler

onClick={() => {
handlePasswordlessLoginClick()
}}
Expand Down
Loading