Atlas integration for authentication, user settings, email confirmation, uploads

[Harman-singh-waraich]

• inital effort to support siwe from atlas

Related to https://github.com/kleros/atlas/pull/57

---

PR-Codex overview

This PR primarily focuses on refactoring and restructuring the authentication and user management functionalities, with significant changes to various utility functions, environment variables, and component implementations for email confirmation and user settings.

Detailed summary

• Deleted several utility and function files related to user authorization and Supabase types.
• Added new utility functions for user operations (addUser, updateEmail, confirmEmail, fetchUser, getNonce, loginUser).
• Updated environment variables to include REACT_APP_ATLAS_URI.
• Changed sessionStorage to localStorage in useSessionStorage hook.
• Refactored EnsureAuth component to use context for user state management.
• Introduced AtlasProvider context for handling user authentication and data fetching.
• Implemented EmailConfirmation component for handling email verification.
• Enhanced form handling in FormContactDetails to manage user settings and email verification.
• Updated SVG icons and styles for better UI consistency.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

Summary by CodeRabbit

• New Features

  • Enhanced user authentication management through a new context provider.
  • Implemented email confirmation functionality for streamlined user verification.
  • Added a dedicated component for email confirmation and status feedback.
  • Introduced functionality for fetching user data via GraphQL.
  • Added a component to display email verification status and resend verification emails.
  • Introduced functionality for uploading files to IPFS.
  • New route added for the Settings page.

• Bug Fixes

  • Improved error handling during user data retrieval processes.

• Refactor

  • Streamlined authentication component structure for better maintainability.
  • Updated components to leverage the new context provider for user management.
  • Simplified logic in user settings management for improved user experience.

• Chores

  • Updated project dependencies and configuration settings.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

The recent updates introduce a comprehensive user authentication management system through the implementation of the AtlasProvider, which facilitates interactions with an Atlas API. A new EmailConfirmation component has been added to handle the email verification process. Additionally, utility functions for confirming emails and fetching user data have been introduced, enhancing state management and streamlining user interactions. Several files related to IPFS uploads and authentication middleware have been removed, reflecting a shift in the project's architecture.

Changes

File	Change Summary
web/src/context/AtlasProvider.tsx	Implemented AtlasProvider for user authentication and session management. Added IAtlasProvider interface and useAtlasProvider hook.
web/src/pages/Settings/EmailConfirmation/index.tsx	Added EmailConfirmation component for handling email verification using query parameters.
web/src/utils/atlas/confirmEmail.ts	Introduced confirmEmail function with GraphQL mutation for email confirmation. Added types ConfirmEmailData and ConfirmEmailResponse.
web/src/utils/atlas/fetchUser.ts	Added fetchUser function to retrieve user data via GraphQL, including types GetUserResponse and User.
web/src/utils/atlas/index.ts	Updated to re-export uploadToIpfs along with other user management functionalities.
web/src/utils/atlas/uploadToIpfs.ts	Introduced functionality for uploading files to IPFS, including enumerations and structured payload types.
web/src/layout/Header/navbar/Menu/Settings/Notifications/FormContactDetails/EmailVerificationInfo.tsx	Added EmailVerificationInfo component to display email verification status and resend verification email. Introduced IEmailInfo interface.
web/src/layout/Header/navbar/Menu/Settings/Notifications/FormContactDetails/index.tsx	Modified FormContactDetails component to use useAtlasProvider for user settings management, simplifying logic and integrating email update functionality.
web/package.json	Updated project version to 0.2.0, removed generate:supabase script, and updated dependencies.
web/.env.*	Added REACT_APP_ATLAS_URI environment variable to multiple .env files.
web/netlify/functions/uploadToIPFS.ts, web/netlify/middleware/authMiddleware.ts	Deleted files related to IPFS upload functionality and authentication middleware.

Possibly related PRs

• Atlas integration for authentication, user settings, email confirmation, uploads #1654: This PR introduces the AtlasProvider context, which is directly related to user authentication and email confirmation, similar to the main PR's focus on user session management and email confirmation processes.
• Atlas integration for file uploads to IPFS #1687: This PR adds the uploadFile method to the AtlasProvider, which is relevant to the main PR's changes involving file uploads to IPFS and user-related functionalities.
• Add REACT_APP_DEVTOOLS_URL to the court #1708: This PR updates environment variables related to the Atlas integration, which aligns with the main PR's modifications to the REACT_APP_ATLAS_URI variable.
• Renamed DisputeRequest._arbitrableDisputeID into _arbitratorDisputeID #1711: This PR renames the _arbitrableDisputeID to _arbitratorDisputeID, which is relevant to the context of dispute management and user interactions, connecting to the user-related functionalities in the main PR.

Suggested labels

Package: Backend Storage

Suggested reviewers

• alcercu
• kemuru

Poem

In the realm of code, a rabbit hops,
With emails confirmed and no more flops.
Tokens dance and sessions thrive,
In the Atlas, we come alive!
New hooks and states, a joyful cheer,
For every user, we hold dear. 🐇✨

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai or @coderabbitai title anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[netlify]

❌ Deploy Preview for kleros-v2-university failed. Why did it fail? →

Name	Link
🔨 Latest commit	e72bd47
🔍 Latest deploy log	https://app.netlify.com/sites/kleros-v2-university/deploys/670ffb9c46f8b900089d1d3d

[netlify]

✅ Deploy Preview for kleros-v2-neo ready!

Name	Link
🔨 Latest commit	e72bd47
🔍 Latest deploy log	https://app.netlify.com/sites/kleros-v2-neo/deploys/670ffb9c2539af0008e607c2
😎 Deploy Preview	https://deploy-preview-1654--kleros-v2-neo.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[netlify]

✅ Deploy Preview for kleros-v2-testnet ready!

Name	Link
🔨 Latest commit	e72bd47
🔍 Latest deploy log	https://app.netlify.com/sites/kleros-v2-testnet/deploys/670ffb9c4ebc9c00086506f2
😎 Deploy Preview	https://deploy-preview-1654--kleros-v2-testnet.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[coderabbitai]

Actionable comments posted: 2

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between a1dff3b and c755571.

Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

Files selected for processing (3)

• web/package.json (1 hunks)
• web/src/components/EnsureAuth.tsx (5 hunks)
• web/src/utils/authoriseUser.ts (3 hunks)

Additional comments not posted (5)

web/src/utils/authoriseUser.ts (2)

11-15: Verify the correctness of the GraphQL query construction.

The query construction looks correct, but ensure the authData.message and authData.signature are properly sanitized to prevent injection attacks.

---

44-48: Verify the correctness of the GraphQL query construction.

The query construction looks correct, but ensure the address is properly sanitized to prevent injection attacks.

web/src/components/EnsureAuth.tsx (2)

Line range hint 44-56:
Ensure proper handling of the sign-in process.

The sign-in process looks correct. Ensure the createMessage function is correctly implemented and the signMessageAsync function handles errors properly.

---

Line range hint 79-97:
Ensure proper construction of the SIWE message.

The message construction looks correct. Ensure the getNonce function is correctly implemented and the createSiweMessage function handles errors properly.

web/package.json (1)

120-120: Verify the package update.

The viem package version was updated from 2.1.0 to 2.17.3. Ensure there are no compatibility issues with this update.

[coderabbitai]

Actionable comments posted: 1

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between c755571 and e985455.

Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

Files selected for processing (10)

• web/.env.devnet-neo.public (1 hunks)
• web/.env.devnet-university.public (1 hunks)
• web/.env.devnet.public (1 hunks)
• web/.env.local.public (1 hunks)
• web/.env.mainnet-neo.public (1 hunks)
• web/.env.testnet.public (1 hunks)
• web/netlify/middleware/authMiddleware.ts (1 hunks)
• web/package.json (1 hunks)
• web/src/components/EnsureAuth.tsx (6 hunks)
• web/src/utils/authoriseUser.ts (2 hunks)

Files skipped from review due to trivial changes (1)

• web/.env.devnet-neo.public

Additional comments not posted (10)

web/.env.local.public (1)

5-5: Ensure consistency and security for environment variables.

The new environment variable REACT_APP_ATLAS_URI is added correctly. Ensure that this variable is documented and follows the project's naming conventions. Verify that it does not expose any sensitive information.

web/.env.testnet.public (1)

6-6: Ensure consistency and security for environment variables.

The new environment variable REACT_APP_ATLAS_URI is added correctly. Ensure that this variable is documented and follows the project's naming conventions. Verify that it does not expose any sensitive information.

web/.env.devnet.public (1)

7-7: Ensure consistency and security for environment variables.

The new environment variable REACT_APP_ATLAS_URI is added correctly. Ensure that this variable is documented and follows the project's naming conventions. Verify that it does not expose any sensitive information.

web/.env.mainnet-neo.public (1)

8-8: New environment variable added for local GraphQL endpoint.

The addition of REACT_APP_ATLAS_URI pointing to http://localhost:3000/graphql is noted. Ensure this variable is used appropriately in the codebase and does not conflict with existing configurations.

Verify the usage of this new environment variable in the codebase.

Verification successful

---

New environment variable REACT_APP_ATLAS_URI is used in the codebase.

The environment variable REACT_APP_ATLAS_URI is referenced in the following file:

• web/src/utils/authoriseUser.ts

This confirms its usage and ensures there are no conflicts with existing configurations.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the usage of the new environment variable `REACT_APP_ATLAS_URI`.

# Test: Search for the usage of `REACT_APP_ATLAS_URI`. Expect: Occurrences of the new variable.
rg --type js --type ts --type tsx 'REACT_APP_ATLAS_URI'

Length of output: 83

---

Script:

#!/bin/bash
# Description: Verify the usage of the new environment variable `REACT_APP_ATLAS_URI`.

# Test: Search for the usage of `REACT_APP_ATLAS_URI` in JavaScript, JSX, and TypeScript files.
rg --type js --type jsx --type ts 'REACT_APP_ATLAS_URI'

Length of output: 83

---

Script:

#!/bin/bash
# Description: Verify the usage of the new environment variable `REACT_APP_ATLAS_URI`.

# Test: Search for the usage of `REACT_APP_ATLAS_URI` in JavaScript, JSX, and TypeScript files.
rg --glob '*.js' --glob '*.jsx' --glob '*.ts' 'REACT_APP_ATLAS_URI'

Length of output: 158

web/.env.devnet-university.public (1)

8-8: New environment variable added for local GraphQL endpoint.

The addition of REACT_APP_ATLAS_URI pointing to http://localhost:3000/graphql is noted. Ensure this variable is used appropriately in the codebase and does not conflict with existing configurations.

Verify the usage of this new environment variable in the codebase.

Verification successful

---

Environment variable REACT_APP_ATLAS_URI is used appropriately.

The variable REACT_APP_ATLAS_URI is utilized in the codebase within web/src/utils/authoriseUser.ts. Ensure this usage aligns with the intended configuration and does not conflict with other settings.

• web/src/utils/authoriseUser.ts: const atlasUri = import.meta.env.REACT_APP_ATLAS_URI ?? "";

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the usage of the new environment variable `REACT_APP_ATLAS_URI`.

# Test: Search for the usage of `REACT_APP_ATLAS_URI`. Expect: Occurrences of the new variable.
rg --type js --type ts --type tsx 'REACT_APP_ATLAS_URI'

Length of output: 83

---

Script:

#!/bin/bash
# Description: Verify the usage of the new environment variable `REACT_APP_ATLAS_URI`.

# Test: Search for the usage of `REACT_APP_ATLAS_URI`. Expect: Occurrences of the new variable.
rg --type js --type ts --type-add 'tsx:*.{ts,tsx}' 'REACT_APP_ATLAS_URI'

Length of output: 163

web/src/utils/authoriseUser.ts (2)

59-85: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to getNonce match the new return type.

---

12-44: LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to authoriseUser match the new return type.

Verification successful

---

Verified: The function usage matches the new return type.

The authoriseUser function is correctly handled in EnsureAuth.tsx, with the returned token being used appropriately.

• web/src/components/EnsureAuth.tsx: The authoriseUser function call correctly handles the Promise<string> return type.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all function calls to `authoriseUser` match the new return type.

# Test: Search for the function usage. Expect: Only occurrences of the new return type.
rg --type js -A 5 $'authoriseUser'

Length of output: 33

---

Script:

#!/bin/bash
# Description: Verify all function calls to `authoriseUser` match the new return type.

# Search for the function usage in JavaScript and TypeScript files.
rg --type-add 'ts:*.{ts,tsx}' -A 5 'authoriseUser'

# Search for import statements of the function to trace its usage.
rg --type-add 'ts:*.{ts,tsx}' -A 5 'import { authoriseUser'

Length of output: 1322

---

Script:

#!/bin/bash
# Description: Extract more lines around the function call in EnsureAuth.tsx to verify the handling of the new return type.

rg --type-add 'ts:*.{ts,tsx}' -A 10 -B 5 'authoriseUser' web/src/components/EnsureAuth.tsx

Length of output: 968

web/src/components/EnsureAuth.tsx (2)

Line range hint 79-97:
LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to createMessage are correctly updated.

Verification successful

---

LGTM! The createMessage function usage is correctly updated and self-contained within the EnsureAuth.tsx file. No further action required.

• web/src/components/EnsureAuth.tsx: Verified the function usage.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all function calls to `createMessage` are correctly updated.

# Test: Search for the function usage. Expect: Only occurrences of the new function name.
rg --type js -A 5 $'createMessage'

Length of output: 33

---

Script:

#!/bin/bash
# Description: Verify all function calls to `createMessage` are correctly updated.

# Test: Search for the function usage in .ts, .tsx, and .js files. Expect: Only occurrences of the new function name.
rg --type-add 'ts:*.{ts,tsx}' --type-add 'js:*.{js,jsx}' -A 10 $'createMessage'

Length of output: 1502

---

Line range hint 4-56:
LGTM! But verify the function usage in the codebase.

The code changes are approved.

However, ensure that all function calls to createMessage and JWT payload handling are correctly updated.

Verification successful

---

Verify function usage in the codebase

The code changes are approved, but ensure that all function calls to createMessage and JWT payload handling are correctly updated. The search results confirm that createMessage and jwt.decodeJwt are used correctly in EnsureAuth.tsx. Additionally, payload is handled properly in both EnsureAuth.tsx and authMiddleware.ts.

• createMessage is correctly used in web/src/components/EnsureAuth.tsx.
• JWT payload handling with jwt.decodeJwt and payload is correctly implemented in web/src/components/EnsureAuth.tsx and web/netlify/middleware/authMiddleware.ts.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all function calls to `createMessage` and JWT payload handling are correctly updated.

# Test: Search for the function usage. Expect: Only occurrences of the new function name and payload property.
rg --type js -A 5 $'createMessage'
rg --type js -A 5 $'payload.sub'

Length of output: 65

---

Script:

#!/bin/bash
# Description: Verify all function calls to `createMessage` and JWT payload handling are correctly updated.

# Search for the function usage in all relevant file types
rg --type js,ts,tsx -A 5 'createMessage'
rg --type js,ts,tsx -A 5 'payload.sub'

Length of output: 147

---

Script:

#!/bin/bash
# Description: Verify all function calls to `createMessage` and JWT payload handling are correctly updated.

# Search for the function usage in JavaScript, TypeScript, and TSX files separately
rg --type js -A 5 'createMessage'
rg --type ts -A 5 'createMessage'
rg --type tsx -A 5 'createMessage'

rg --type js -A 5 'payload.sub'
rg --type ts -A 5 'payload.sub'
rg --type tsx -A 5 'payload.sub'

Length of output: 1127

---

Script:

#!/bin/bash
# Description: Verify JWT payload handling by searching for 'payload.sub' without restricting file types.

# Search for 'payload.sub' in all files
rg -A 5 'payload.sub'

Length of output: 21

---

Script:

#!/bin/bash
# Description: Verify JWT payload handling by searching for 'jwt.decodeJwt' and 'payload' in all files.

# Search for 'jwt.decodeJwt' in all files
rg -A 5 'jwt.decodeJwt'

# Search for 'payload' in all files
rg -A 5 'payload'

Length of output: 1757

web/package.json (1)

121-121: LGTM! But verify the package usage in the codebase.

The version update is approved.

However, ensure that all usages of the viem package are compatible with the new version.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between e985455 and 53b7b2a.

Files selected for processing (3)

• web/netlify/functions/fetch-settings.ts (1 hunks)
• web/netlify/functions/update-settings.ts (1 hunks)
• web/netlify/middleware/authMiddleware.ts (2 hunks)

Files skipped from review as they are similar to previous changes (1)

• web/netlify/middleware/authMiddleware.ts

Additional comments not posted (2)

web/netlify/functions/fetch-settings.ts (1)

9-9: LGTM! But verify the usage of event.auth.sub in the codebase.

The change from event.auth.id to event.auth.sub aligns with standard practices for using subject claims in authentication tokens.

However, ensure that all references to event.auth.sub are correctly used throughout the codebase.

Verification successful

---

Usage of event.auth.sub is correct and isolated.

The change from event.auth.id to event.auth.sub is consistent with standard practices. The usage is correctly handled in the web/netlify/functions/fetch-settings.ts file.

• web/netlify/functions/fetch-settings.ts: Correct usage of event.auth.sub.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to `event.auth.sub` in the codebase.

# Test: Search for the usage of `event.auth.sub`. Expect: Correct usage in all instances.
rg --type js --type ts -A 5 $'event.auth.sub'

Length of output: 544

web/netlify/functions/update-settings.ts (1)

66-66: LGTM! But verify the usage of event.auth.sub in the codebase.

The change from event?.auth?.id to event?.auth?.sub aligns with standard practices for using subject claims in authentication tokens.

However, ensure that all references to event.auth.sub are correctly used throughout the codebase.

Verification successful

The usage of event.auth.sub in fetch-settings.ts appears consistent with the change in update-settings.ts. However, to ensure comprehensive verification, we need to check the context of its usage in fetch-settings.ts and look for any other instances in the codebase.

---

LGTM! The usage of event.auth.sub is consistent and correctly handled in the codebase.

• web/netlify/functions/fetch-settings.ts: The event.auth.sub is used to fetch user settings from the database, and its usage is correct.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all references to `event.auth.sub` in the codebase.

# Test: Search for the usage of `event.auth.sub`. Expect: Correct usage in all instances.
rg --type js --type ts -A 5 $'event.auth.sub'

Length of output: 544

---

Script:

#!/bin/bash
# Description: Verify the context of `event.auth.sub` usage in `fetch-settings.ts` and search for any other instances in the codebase.

# Search for the usage of `event.auth.sub` in `fetch-settings.ts` with extended context.
rg --type ts -A 10 -B 10 $'event.auth.sub' web/netlify/functions/fetch-settings.ts

# Search for any other instances of `event.auth.sub` in the codebase.
rg --type js --type ts -A 5 $'event.auth.sub'

Length of output: 1281

[fcanela]

LGTM so far. Ping again when it is out of draft

[coderabbitai]

Actionable comments posted: 1

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 53b7b2a and 33b818e.

Files selected for processing (4)

• web/src/components/EnsureAuth.tsx (7 hunks)
• web/src/layout/Header/navbar/Menu/Settings/Notifications/index.tsx (1 hunks)
• web/src/pages/Cases/CaseDetails/Evidence/SubmitEvidenceModal.tsx (1 hunks)
• web/src/pages/Resolver/index.tsx (1 hunks)

Additional comments not posted (6)

web/src/layout/Header/navbar/Menu/Settings/Notifications/index.tsx (1)

8-8: Verify the default export of EnsureAuth.

The import statement has been changed to a default import. Ensure that the EnsureAuth component is exported as a default export from its module.

Verification successful

---

The EnsureAuth component is correctly exported as a default export.

• The EnsureAuth component is exported as a default export from web/src/components/EnsureAuth.tsx.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that `EnsureAuth` is exported as a default export.

# Test: Search for the export statement in the `EnsureAuth` component file.
rg --type js --type ts 'export default EnsureAuth' web/src/components/EnsureAuth.tsx

Length of output: 113

web/src/components/EnsureAuth.tsx (3)

33-33: Ensure the JWT payload structure is consistent.

The validation logic now uses payload.sub instead of payload.id. Ensure that the JWT payload structure consistently uses sub for the subject identifier.

---

44-44: Ensure the createMessage function is correctly implemented.

Verify that the createMessage function is correctly implemented and replaces the previous createSiweMessage function.

Verification successful

---

The createMessage function is correctly implemented and relies on the createSiweMessage function from the viem/siwe module.

• The createMessage function is defined in web/src/components/EnsureAuth.tsx.
• It correctly calls createSiweMessage, which is imported from the viem/siwe module.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the implementation of the `createMessage` function.

# Test: Search for the implementation of the `createMessage` function.
rg --type js --type ts 'async function createMessage'

Length of output: 196

---

Script:

#!/bin/bash
# Description: Extract the full implementation of the `createMessage` function and search for the `createSiweMessage` function for comparison.

# Extract the full implementation of the `createMessage` function.
ast-grep --lang tsx --pattern $'async function createMessage($_, $_, $_) {
  $$$
}'

# Search for the implementation of the `createSiweMessage` function.
rg --type js --type ts 'function createSiweMessage'

Length of output: 1436

---

Script:

#!/bin/bash
# Search for the definition or import of the `createSiweMessage` function in the codebase.

# Search for the definition of `createSiweMessage`.
rg --type js --type ts 'function createSiweMessage'

# Search for imports of `createSiweMessage`.
rg --type js --type ts 'import { createSiweMessage }'

Length of output: 229

---

Script:

#!/bin/bash
# Search for the definition or import of the `createSiweMessage` function in the codebase.

# Search for the definition of `createSiweMessage`.
rg --type js --type ts 'function createSiweMessage'

# Search for imports of `createSiweMessage`.
rg --type js --type ts 'import { createSiweMessage }' --fixed-strings

Length of output: 206

---

Line range hint 79-97:
Ensure the createMessage function handles all required fields.

The createMessage function should handle all required fields for the SIWE message. Verify that all necessary fields are included.

web/src/pages/Cases/CaseDetails/Evidence/SubmitEvidenceModal.tsx (1)

14-14: Verify the default export of EnsureAuth.

The import statement has been changed to a default import. Ensure that the EnsureAuth component is exported as a default export from its module.

Verification successful

---

Verification successful.

The EnsureAuth component is correctly exported as a default export from its module.

• web/src/components/EnsureAuth.tsx: export default EnsureAuth;

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that `EnsureAuth` is exported as a default export.

# Test: Search for the export statement in the `EnsureAuth` component file.
rg --type js --type ts 'export default EnsureAuth' web/src/components/EnsureAuth.tsx

Length of output: 113

web/src/pages/Resolver/index.tsx (1)

12-12: Verify the export change in EnsureAuth module.

The import statement for EnsureAuth has been changed from a named import to a default import. Ensure that EnsureAuth is now being exported as a default export from its module.

Verification successful

---

Verified: The import statement for EnsureAuth has been correctly updated to a default import in web/src/pages/Resolver/index.tsx, consistent with its default export in web/src/components/EnsureAuth.tsx.

• web/src/pages/Resolver/index.tsx
• web/src/components/EnsureAuth.tsx

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that EnsureAuth is being exported as a default export from its module.

# Test: Search for the export statement of EnsureAuth. Expect: EnsureAuth should be exported as a default export.
rg --type js --type ts $'export default EnsureAuth'

Length of output: 113

[coderabbitai]

Actionable comments posted: 4

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 33b818e and ba2442a.

Files selected for processing (7)

• web/src/app.tsx (2 hunks)
• web/src/components/EnsureAuth.tsx (1 hunks)
• web/src/context/AtlasProvider.tsx (1 hunks)
• web/src/utils/atlas/createMessage.ts (1 hunks)
• web/src/utils/atlas/getNonce.ts (1 hunks)
• web/src/utils/atlas/index.ts (1 hunks)
• web/src/utils/atlas/loginUser.ts (1 hunks)

Files skipped from review due to trivial changes (1)

• web/src/utils/atlas/index.ts

Additional comments not posted (3)

web/src/utils/atlas/createMessage.ts (1)

6-7: Verify compatibility with server-side rendering.

The use of window.location may cause issues if this function is used in a server-side rendering context.

web/src/components/EnsureAuth.tsx (1)

14-30: Refactor improves maintainability and clarity.

The refactoring to use useAtlasProvider simplifies the component and enhances separation of concerns. The default export is a good practice for component exports.

web/src/app.tsx (1)

33-99: Verify the integration of AtlasProvider.

Ensure that the placement of AtlasProvider as the outermost provider is intentional and that all components requiring its context are correctly wrapped. Verify that there are no unintended side effects on other providers or components.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between ba2442a and ddd06d1.

Files selected for processing (4)

• web/src/context/AtlasProvider.tsx (1 hunks)
• web/src/utils/atlas/createMessage.ts (1 hunks)
• web/src/utils/atlas/getNonce.ts (1 hunks)
• web/src/utils/atlas/loginUser.ts (1 hunks)

Files skipped from review as they are similar to previous changes (4)

• web/src/context/AtlasProvider.tsx
• web/src/utils/atlas/createMessage.ts
• web/src/utils/atlas/getNonce.ts
• web/src/utils/atlas/loginUser.ts

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between ddd06d1 and 5b41eda.

Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

Files selected for processing (1)

• web/src/context/AtlasProvider.tsx (1 hunks)

Files skipped from review as they are similar to previous changes (1)

• web/src/context/AtlasProvider.tsx

[coderabbitai]

Actionable comments posted: 9

🧹 Outside diff range and nitpick comments (9)

web/src/utils/atlas/index.ts (1)

1-8: LGTM! Consider grouping related exports.

The changes look good and align with the PR objectives. The addition of uploadToIpfs enhances the module's capabilities for managing user-related data and interactions.

Consider grouping related exports together for better organization. For example:

// User authentication and management
export * from "./loginUser";
export * from "./getNonce";
export * from "./createMessage";
export * from "./addUser";
export * from "./fetchUser";
export * from "./updateEmail";
export * from "./confirmEmail";

// File management
export * from "./uploadToIpfs";

This grouping can improve readability and make it easier to understand the different categories of functionality provided by this module.

web/.env.testnet.public (1)

Add web/.env.testnet.public to .gitignore to prevent accidental commits of sensitive information.

• Update .gitignore with the following entry:

  web/.env.testnet.public
  

🔗 Analysis chain

Line range hint 1-11: Ensure sensitive information is properly managed

While the comment at the top of the file states "Do not enter sensitive information here", some of the variables (like WALLETCONNECT_PROJECT_ID and ALCHEMY_API_KEY) could potentially contain sensitive information.

To ensure that no sensitive information is accidentally committed, let's verify if there's a .gitignore file properly set up:

Consider the following security best practices:

1. Use a secret management system for sensitive values in production environments.
2. Implement a clear process for managing different environment configurations (development, staging, production).
3. Document the purpose and expected format of each environment variable to prevent misuse.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if .gitignore exists and if it includes .env files
if [ -f .gitignore ]; then
    echo "Contents of .gitignore:"
    cat .gitignore
    echo "\nChecking for .env patterns:"
    grep -i "\.env" .gitignore
else
    echo ".gitignore file not found"
fi

Length of output: 3777

web/.env.devnet-neo.public (1)

Line range hint 1-11: Reminder: Ensure proper environment variable management across different environments.

While the current setup looks good for development, remember to:

1. Keep sensitive information out of public environment files.
2. Use appropriate values for REACT_APP_ATLAS_URI in different environments (development, staging, production).
3. Consider using a secret management system for production environments.

web/.env.devnet-university.public (1)

8-8: Approve the addition of REACT_APP_ATLAS_URI, but consider improvements.

The addition of REACT_APP_ATLAS_URI aligns with the PR objectives for Atlas integration. However, consider the following suggestions:

1. Add a comment explaining the purpose of this variable for better maintainability.
2. Consider using a placeholder value (e.g., ${ATLAS_URI}) instead of hardcoding localhost:3000. This allows for easier configuration across different development environments.

Example:

# Atlas API endpoint for authentication and user settings
export REACT_APP_ATLAS_URI=${ATLAS_URI:-http://localhost:3000}

This change would improve clarity and flexibility for different development setups.

web/src/utils/atlas/uploadToIpfs.ts (2)

5-7: Consider future extensibility of the Products enum.

The Products enum currently only contains one product (CourtV2). While this might be sufficient for the current implementation, consider if there's a possibility of adding more products in the future. If so, it might be beneficial to design the enum with extensibility in mind.

---

50-60: Well-configured toast messages with a suggestion for improvement.

The toast configuration provides clear feedback to the user for different states of the upload process. Including the specific error message is helpful for debugging.

One suggestion for improvement:
Consider adding a dismissible option to the success toast. Long-lasting success messages might clutter the UI unnecessarily.

You could modify the success configuration like this:

success: {
  render: "Uploaded successfully!",
  autoClose: 3000, // Auto close after 3 seconds
  closeButton: true // Allow manual dismissal
},

This change would make the success message automatically disappear after 3 seconds, but also allow users to dismiss it manually if they wish.

web/src/pages/Resolver/Policy/index.tsx (2)

61-64: LGTM: Updated file upload logic with minor suggestion.

The file upload logic has been successfully updated to use the Atlas provider's uploadFile function, which aligns with the PR objectives. The error handling and state management are maintained.

Consider adding more informative error handling for the case when cid is falsy:

 uploadFile(file, Roles.Policy)
   .then(async (cid) => {
-    if (!cid) return;
+    if (!cid) {
+      throw new Error("Failed to upload file: No CID returned");
+    }
     setDisputeData({ ...disputeData, policyURI: cid });
   })
   .catch((err) => console.log(err))

This change would provide more context if the upload fails without returning a CID.

---

Line range hint 1-94: Overall implementation looks good.

The changes in this file successfully integrate the Atlas provider for file uploads, aligning with the PR objectives. The code is well-structured, and the new implementation is more concise. The error handling and state management have been maintained throughout the changes.

As the application continues to evolve with Atlas integration, consider creating a custom hook (e.g., useFileUpload) that encapsulates the file upload logic, including error handling and state management. This would promote reusability and consistency across different components that may need file upload functionality.

web/src/pages/Cases/CaseDetails/Evidence/SubmitEvidenceModal.tsx (1)

86-86: Remove unnecessary dependency setIsSending from the dependency array

The setIsSending function from useState is stable and does not need to be included in the dependency array of useCallback.

Consider updating the dependency array:

-   }, [publicClient, wagmiConfig, walletClient, close, evidenceGroup, file, message, setIsSending, uploadFile]);
+   }, [publicClient, wagmiConfig, walletClient, close, evidenceGroup, file, message, uploadFile]);

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 9382b7f and 6f58f20.

📒 Files selected for processing (13)

• web/.env.devnet-neo.public (1 hunks)
• web/.env.devnet-university.public (1 hunks)
• web/.env.devnet.public (1 hunks)
• web/.env.local.public (1 hunks)
• web/.env.mainnet-neo.public (1 hunks)
• web/.env.testnet.public (1 hunks)
• web/netlify/functions/uploadToIPFS.ts (0 hunks)
• web/netlify/middleware/authMiddleware.ts (0 hunks)
• web/src/context/AtlasProvider.tsx (1 hunks)
• web/src/pages/Cases/CaseDetails/Evidence/SubmitEvidenceModal.tsx (3 hunks)
• web/src/pages/Resolver/Policy/index.tsx (2 hunks)
• web/src/utils/atlas/index.ts (1 hunks)
• web/src/utils/atlas/uploadToIpfs.ts (1 hunks)

💤 Files with no reviewable changes (2)

• web/netlify/functions/uploadToIPFS.ts
• web/netlify/middleware/authMiddleware.ts

🧰 Additional context used

📓 Learnings (2)

web/src/context/AtlasProvider.tsx (1)

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1687
File: web/src/context/AtlasProvider.tsx:225-244
Timestamp: 2024-10-15T16:18:32.543Z
Learning: In `web/src/context/AtlasProvider.tsx`, the `atlasUri` variable comes from environment variables and does not change, so it does not need to be included in dependency arrays.

web/src/pages/Cases/CaseDetails/Evidence/SubmitEvidenceModal.tsx (2)

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1687
File: web/src/pages/Cases/CaseDetails/Evidence/SubmitEvidenceModal.tsx:67-84
Timestamp: 2024-10-08T16:23:56.291Z
Learning: In the `submitEvidence` function of the SubmitEvidenceModal component, the try-catch block is specifically designed to handle errors from the `constructEvidence` function, which may throw an Error if file upload fails. This ensures that the file is successfully uploaded before proceeding with evidence submission and transaction signing.

Learnt from: Harman-singh-waraich
PR: kleros/kleros-v2#1687
File: web/src/pages/Cases/CaseDetails/Evidence/SubmitEvidenceModal.tsx:67-84
Timestamp: 2024-09-12T14:45:48.019Z
Learning: In the `submitEvidence` function of the SubmitEvidenceModal component, the try-catch block is specifically designed to handle errors from the `constructEvidence` function, which may throw an Error if file upload fails. This ensures that the file is successfully uploaded before proceeding with evidence submission and transaction signing.

🔇 Additional comments (9)

web/src/utils/atlas/index.ts (1)

8-8: Verify the implementation and usage of uploadToIpfs.

The addition of uploadToIpfs export is a significant change. Let's ensure it's properly implemented and used correctly throughout the codebase.

Run the following script to verify the implementation and usage of uploadToIpfs:

This script will help us confirm that:

1. The uploadToIpfs function is properly implemented.
2. It's being imported correctly in other parts of the codebase.
3. It's being used appropriately where needed.

Please review the results to ensure the new functionality is correctly integrated.

web/.env.local.public (1)

5-5: LGTM: New Atlas URI environment variable added.

The addition of REACT_APP_ATLAS_URI aligns with the PR objectives for Atlas integration. This localhost URL is suitable for local development.

Please confirm that using a localhost URL is appropriate for your development workflow. For production, ensure that this value is overridden with the correct Atlas service URL.

✅ Verification successful

REACT_APP_ATLAS_URI Verified

The environment variable REACT_APP_ATLAS_URI is correctly utilized in web/src/context/AtlasProvider.tsx, and no hardcoded Atlas URIs were found in the codebase. This ensures proper configuration and integration with the Atlas service.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the usage of REACT_APP_ATLAS_URI in the codebase

# Test: Search for REACT_APP_ATLAS_URI usage
echo "Searching for REACT_APP_ATLAS_URI usage:"
rg --type js --type ts --type tsx "REACT_APP_ATLAS_URI"

# Test: Check if there are any hardcoded Atlas URIs that should use the environment variable
echo "Checking for potential hardcoded Atlas URIs:"
rg --type js --type ts --type tsx "atlas.*\.kleros\.io" -g '!*.test.*' -g '!*/__tests__/*'

Length of output: 394

---

Script:

#!/bin/bash
# Description: Verify the usage of REACT_APP_ATLAS_URI in the codebase using specific file extensions

# Test: Search for REACT_APP_ATLAS_URI usage
echo "Searching for REACT_APP_ATLAS_URI usage:"
rg "REACT_APP_ATLAS_URI" -g "*.js" -g "*.ts" -g "*.tsx"

# Test: Check if there are any hardcoded Atlas URIs that should use the environment variable
echo "Checking for potential hardcoded Atlas URIs:"
rg "atlas.*\.kleros\.io" -g "*.js" -g "*.ts" -g "*.tsx" -g '!*.test.*' -g '!*/__tests__/*'

Length of output: 570

web/.env.testnet.public (1)

6-6: ⚠️ Potential issue

Consider using a non-localhost URL for the REACT_APP_ATLAS_URI in the testnet environment.

The newly added REACT_APP_ATLAS_URI is currently set to http://localhost:3000. While this might be suitable for local development, it may not be appropriate for a shared testnet environment.

Consider the following suggestions:

1. If this is intended for local testing only, it might be better to move this variable to a local .env file that's not committed to the repository.
2. If Atlas should be accessible in the testnet environment, replace localhost with the actual testnet URL for the Atlas service.
3. If the URL varies depending on the deployment, consider using a placeholder value (e.g., REACT_APP_ATLAS_URI=<ATLAS_TESTNET_URL>) and document how to set this value in the project's README or deployment guide.

To ensure this change doesn't conflict with any existing configurations or documentation, let's check for any mentions of Atlas in the project:

✅ Verification successful

REACT_APP_ATLAS_URI is appropriately configured for local testing.

The REACT_APP_ATLAS_URI is solely used within AtlasProvider.tsx to set up the local GraphQL client. Setting it to http://localhost:3000 is suitable for a local testnet environment and does not affect other parts of the codebase.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for any mentions of Atlas in the project files
rg -i "atlas" --type md --type js --type ts --type jsx --type tsx

Length of output: 93

---

Script:

#!/bin/bash
# Search for any mentions of Atlas in the project files using glob patterns
rg -i "atlas" --glob "*.md" --glob "*.js" --glob "*.ts" --glob "*.jsx" --glob "*.tsx"

Length of output: 4504

---

Script:

#!/bin/bash
# Search for all instances of REACT_APP_ATLAS_URI in the project files
rg "REACT_APP_ATLAS_URI" --glob "*.md" --glob "*.js" --glob "*.ts" --glob "*.jsx" --glob "*.tsx"

Length of output: 328

web/.env.devnet-university.public (1)

Line range hint 1-12: Reminder: Ensure sensitive data protection.

While reviewing this configuration file, it's crucial to emphasize the importance of protecting sensitive information. Please ensure that:

1. No actual API keys, project IDs, or other sensitive data are committed to the repository.
2. Developers are aware of the need to populate these values locally or through a secure method.
3. Consider using a secrets management system for handling sensitive data in different environments.

To double-check that no sensitive data has been accidentally committed, you can run the following script:

If this script returns any results, please review them to ensure no actual sensitive data is present.

web/src/utils/atlas/uploadToIpfs.ts (2)

16-26: Well-structured type definitions.

The IpfsUploadPayload and Config types are well-defined and provide a clear structure for the upload process. The use of the Products and Roles enums in IpfsUploadPayload ensures type safety and consistency.

---

28-33: Well-implemented function signature and FormData preparation.

The uploadToIpfs function is well-defined with clear parameters and return type. The use of FormData for preparing the upload payload is appropriate, and all necessary fields are correctly appended.

web/src/pages/Resolver/Policy/index.tsx (2)

8-8: LGTM: New imports for Atlas integration.

The new imports for useAtlasProvider and Roles are correctly added and align with the PR objectives for Atlas integration.

Also applies to: 10-10

---

55-55: LGTM: Atlas provider hook usage.

The uploadFile function is correctly extracted from the useAtlasProvider hook, aligning with the Atlas integration objectives.

web/src/context/AtlasProvider.tsx (1)

268-316: LGTM: Well-implemented context provider and hook

The implementation of the context provider and the exported useAtlasProvider hook looks good:

1. The use of useMemo for the context value helps optimize performance by preventing unnecessary re-renders.
2. The useAtlasProvider hook includes proper error handling, throwing an informative error if the context is used outside of the provider.
3. The exported default AtlasProvider and named export useAtlasProvider follow good practices for modular and reusable code.

This implementation provides a clean and efficient way for child components to access the Atlas-related functionality and state.

[alcercu]

lgtm

[kemuru]

upload to ipfs works, auth user (signing in) works, fetch settings works, update settings works

[sonarqubecloud]

Quality Gate passed

Issues
8 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[codeclimate]

Code Climate has analyzed commit e72bd47 and detected 28 issues on this pull request.

Here's the issue category breakdown:

Category	Count
Complexity	3
Duplication	6
Style	19

View more on Code Climate.

[MAMware]

Hi! ty, should i clone the comment there?

-------- Mensaje original -------- De: TurbanCoder ***@***.***> Fecha: 21/10/2024 11:34 (GMT-03:00) A: kleros/kleros-v2 ***@***.***> CC: Marcos Meneses ***@***.***>, Comment ***@***.***> Asunto: Re: [kleros/kleros-v2] Atlas integration for authentication, user settings, email confirmation, uploads (PR #1654) @Harman-singh-waraich commented on this pull request.

________________________________ In web/src/context/AtlasProvider.tsx<#1654 (comment)>:

+ const intervalId = setInterval(() => {

+ setIsVerified(verifySession()); + }, 5000); + + return () => { + clearInterval(intervalId); + }; Hello, Thanks for taking time to suggest the strategy. Much appreciated. We will be tackling this optimization in issue #1717<#1717> . You are welcome to review the applied strategy. Thanks for the feedback 😊 — Reply to this email directly, view it on GitHub<#1654 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AQOWOZEZPLRF3BQ53U3CQCTZ4UGF7AVCNFSM6AAAAABLCLH5PSVHI2DSMVQWIX3LMV43YUDVNRWFEZLROVSXG5CSMV3GSZLXHMZDGOBSGMYTMNJYGE>. You are receiving this because you commented.Message ID: ***@***.***>

[Harman-singh-waraich]

Hi! ty, should i clone the comment there?

Hey Marcos, yes you can comment there.

Would you be interested in addressing this issue? 👀