Conversation
- Add GoogleSignInButton component with Google Identity Services integration - Add LoggedInScreen component to display authenticated user info - Implement auth state management with AuthProvider and useAuth hook - Add API client functions (login, logout, getCurrentUser) - Update App.tsx with auth flow: loading -> unauthenticated -> authenticated - Fix CORS configuration to allow credentials for session cookies - Add comprehensive test coverage for all new components (20 tests) - Add environment variable examples for both UI and API - Update HTML to include Google Identity Services script Users can now sign in with Google, and the app displays their user information fetched from the /user/current API endpoint, validating the end-to-end authentication flow.
- Add 'Completed' section showing Google authentication is live - Add 'Getting Started' guide for backend and frontend setup - Include prerequisites, setup steps, and test running instructions - Document required environment configuration
Codecov Report❌ Patch coverage is
Flags with carried forward coverage won't be shown. Click here to find out more.
🚀 New features to boost your workflow:
|
Contributor
There was a problem hiding this comment.
Pull request overview
Implements the UI flow for Google OAuth sign-in, including an auth context/provider, API client wiring for session cookies, and basic authenticated/unauthenticated screens.
Changes:
- Added UI auth state management (
AuthProvider/useAuth) plus API helpers to login/logout and fetch the current user. - Introduced Google Identity Services sign-in button + logged-in screen, and updated
Appto render based on auth state. - Added frontend tests and updated docs/env examples; enabled credentialed CORS on the API.
Reviewed changes
Copilot reviewed 16 out of 17 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| README.md | Updates project status and adds local setup + test commands. |
| apps/ui/tests/App.test.tsx | Updates App tests to cover loading/authenticated/unauthenticated rendering. |
| apps/ui/tests/GoogleSignInButton.test.tsx | Adds tests for GIS loading/config/errors and login callback behavior. |
| apps/ui/tests/LoggedInScreen.test.tsx | Adds tests for displaying user info and logout behavior. |
| apps/ui/src/types/google.d.ts | Adds global typings for window.google Google Identity Services API surface. |
| apps/ui/src/types/api.ts | Defines shared UI User type matching backend responses. |
| apps/ui/src/main.tsx | Wraps the app in AuthProvider so auth state is available globally. |
| apps/ui/src/lib/auth.tsx | Implements auth state machine (loading/authenticated/unauthenticated) and actions. |
| apps/ui/src/lib/api.ts | Adds API client functions for login/logout/current-user with cookie credentials. |
| apps/ui/src/components/LoggedInScreen.tsx | Adds a logged-in view with user details and logout button. |
| apps/ui/src/components/GoogleSignInButton.tsx | Renders Google GIS button and triggers login via ID token callback. |
| apps/ui/src/App.tsx | Switches UI to auth-gated screens (loading / sign-in / logged-in). |
| apps/ui/src/App.css | Adds styling for the login and logged-in screens. |
| apps/ui/index.html | Sets the app title and loads the Google Identity Services script. |
| apps/ui/.env.example | Documents required UI env vars (client ID, API base URL). |
| apps/api/src/api/app.py | Enables allow_credentials=True for CORS to support session cookies. |
| apps/api/.env.example | Documents API env vars for OAuth, CORS origins, and session secret. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
- Move GOOGLE_CLIENT_ID inside component for better testability - Add upfront env var validation with immediate error feedback - Add 10s timeout to SDK polling to prevent infinite checks - Add initialization guard to prevent double-rendering in React StrictMode - Clear container HTML before rendering to prevent duplicates - Remove dead error handling test in LoggedInScreen (now in AuthProvider) Addresses PR comments from copilot-pull-request-reviewer
- Move env var validation after all hooks (hooks must be unconditional) - Add GOOGLE_CLIENT_ID check in useEffect to prevent init if missing - Add eslint-disable comment for GOOGLE_CLIENT_ID dependency - All hooks now called unconditionally at component top level
- Run prettier --write to fix formatting in GoogleSignInButton and tests - Update CLAUDE.md PR guidelines to include format:check validation - Add format:check step to both UI and API pre-submission checklists This prevents CI failures from formatting issues.
Add 19 new tests to increase UI code coverage from 46.66% to 85%: - api.test.ts (9 tests): Complete coverage of login, logout, getCurrentUser - Success and error scenarios for all API functions - Abort signal handling - Relative vs absolute URL paths - auth.test.tsx (10 tests): Complete coverage of AuthProvider and useAuth - Initial auth check and state transitions - Login flow with Google token - Logout flow with error handling - Abort error handling on unmount - Context usage validation Coverage breakdown: - src/lib/api.ts: 0% → 100% - src/lib/auth.tsx: 1.72% → 96.55% - Overall: 46.66% → 85% (exceeds 80% target) All 38 tests passing with no warnings.
Owner
Author
PR Review Comments AddressedAll review comments from @copilot-pull-request-reviewer have been addressed in commits 9815d29, d86127c, and 2361b81: ✅ Comment 1: Environment Variable ValidationIssue: Client ID validated inside effect but loading state renders first. Missing config shows "Loading..." until SDK loads, then error logs. Fixed:
Code: GoogleSignInButton.tsx#L18-L27 ✅ Comment 2: Polling TimeoutIssue: Fixed:
Code: GoogleSignInButton.tsx#L31-L53 ✅ Comment 3: Double InitializationIssue: Fixed:
Code: GoogleSignInButton.tsx#L61-L102 ✅ Comment 4: LoggedInScreen Dead Code (RESOLVED)Issue: Fixed:
Code: LoggedInScreen.tsx#L16-L18 ✅ Comment 5: ALLOWED_HOSTED_DOMAINS Documentation (RESOLVED)Issue: Comments suggested comma-separated values but Pydantic expects JSON array format. Fixed: Already correctly documented as JSON array format in Additional ImprovementsCode Quality
Test Coverage
Verification✅ All commits follow conventional commits format and are ready for review. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.