@W-20443849 Set default passwordless mode to 'email' for apps created via pwa-kit-create-app

[hajinsuha1]

Description

Sets the default mode to email for passwordless login in pwa-kit-create-app

Types of Changes

• Bug fix (non-breaking change that fixes an issue)
• New feature (non-breaking change that adds functionality)
• Documentation update
• Breaking change (could cause existing functionality to not work as expected)
• Other changes (non-breaking changes that does not fit any of the above)

Breaking changes include:

• Removing a public function or component or prop
• Adding a required argument to a function
• Changing the data type of a function parameter or return value
• Adding a new peer dependency to package.json

Changes

• Update default.js.hbs to set default mode to email for passwordless login
• Update /_app-config/index.jsx.hbs to use the buildAbsoluteUrl() util to generate the passwordlessLoginCallbackURI

How to Test-Drive This PR

• Generate the project using pwa-kit-create-app

  GENERATOR_PRESET=retail-react-app-demo node packages/pwa-kit-create-app/scripts/create-mobify-app-dev.js --outputDir generated-retail-react-app-demo
  

• Select The Retail app with demo Commerce Cloud instance
• Once completed open default.js in the generated app

  code generated-retail-react-app-demo/config/default.js
  

• Verify in default.js app.login.passwordless.mode is set to email and callbackURI is commented out
• Verify in /_app-config/index.jsx the buildAbsoluteUrl utility is used
• In default.js
  • set app.login.passwordless.enabled to true

                passwordless: {
                    // Enables or disables passwordless login for the site. Defaults to: false
                    enabled: true,
    

  • update commerceAPI to use an instance of SLAS that has email otp enabled

            commerceAPI: {
                proxyPath: `/mobify/proxy/api`,
                parameters: {
                    clientId: 'CLIENT_ID',
                    organizationId: 'f_ecom_zzrf_001',
                    shortCode: 'staging-001',
                    siteId: 'RefArchGlobal'
                }
            },
    

• update ssrParameters to use the ecom instance with email OTP enabled

      ssrParameters: {
          ssrFunctionNodeVersion: '22.x',
          proxyConfigs: [
              {
                  host: 'staging-001.api.commercecloud.salesforce.com',
                  path: 'api'
              },
  

• In overrides/app/ssr.js
  • set useSLASPrivateClient to true
  • uncomment the applySLASPrivateClientToEndpoints property

        applySLASPrivateClientToEndpoints:
            /\/oauth2\/(token|passwordless\/(login|token)|password\/(reset|action))/,
    

• In overrides/app/components/_app-config/index.jsx add enablePWAKitPrivateClient={true} to the fields of CommerceApiProvider
• Set the private client secret and Start the app

  cd generated-retail-react-app-demo 
  export PWA_KIT_SLAS_CLIENT_SECRET=SECRET
  npm start
  

• Verify passwordless login works

Checklists

General

• Changes are covered by test cases
• CHANGELOG.md updated with a short description of changes (not required for documentation updates)

Accessibility Compliance

You must check off all items in one of the follow two lists:

• There are no changes to UI

or...

• Changes were tested with a Screen Reader (iOS VoiceOver or Android Talkback) and had no issues
• Changes comply with WCAG 2.0 guidelines levels A and AA
• Changes to common UI patterns and interactions comply with WAI-ARIA best practices

Localization

• Changes include a UI text update in the Retail React App (which requires translation)

[cc-prodsec]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.