Skip to content

Firebase functions update and fix redirect bug#54

Open
mafernandag wants to merge 4 commits intomainfrom
sign-up-form
Open

Firebase functions update and fix redirect bug#54
mafernandag wants to merge 4 commits intomainfrom
sign-up-form

Conversation

@mafernandag
Copy link
Collaborator

@mafernandag mafernandag commented Oct 23, 2025

  • Firebase functions endpoint errors solved
  • Solved bug where the user wasn't getting redirected to the "get started" page after successful ORCID sign-up

Copilot AI review requested due to automatic review settings October 23, 2025 21:18
Copilot AI reviewed Oct 23, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR fixes a critical ORCID authentication redirect bug and enhances the Firebase Functions implementation with better error handling and diagnostics.

Key Changes:

  • Fixed inverted logic preventing new users from reaching the onboarding flow
  • Added comprehensive error handling and diagnostics for ORCID API interactions
  • Implemented lazy initialization pattern for Express app in Firebase Functions v2

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
mentor-match-app/src/components/auth/OrcidHandler.jsx Corrected conditional logic to properly redirect new users to '/get-started' and existing users to '/dashboard'
mentor-match-app/functions/index.js Added Node.js version validation, enhanced error handling with detailed diagnostics, implemented lazy Express initialization, and improved ORCID API endpoint validation

mentor-match-app/functions/index.js
NODE_ENV: NODE_ENV || 'development'
},
values: {
ORCID_REDIRECT_URI
Copy link

Copilot AI Oct 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The diagnostics endpoint exposes the actual ORCID_REDIRECT_URI value without redaction, unlike ORCID_CLIENT_ID and ORCID_CLIENT_SECRET which are redacted. While the redirect URI is less sensitive, exposing it publicly could aid attackers in crafting phishing attempts or understanding the authentication flow. Consider redacting or removing this value from the diagnostics response, or restricting access to this endpoint.

Suggested change
ORCID_REDIRECT_URI
ORCID_REDIRECT_URI: redact(ORCID_REDIRECT_URI)

Copilot uses AI. Check for mistakes.
mafernandag and others added 3 commits October 23, 2025 17:18
@mafernandag
Firebase functions update and fix redirect bug
4764dea 
After signing up with ORCID, the user didn't get redirected to the get started page
@mafernandag
Merge branch 'main' into sign-up-form
77d18c6
@mafernandag
Fix linter errors
68c36ce
@github-actions
Copy link

github-actions bot commented Oct 23, 2025

Visit the preview URL for this PR (updated for commit c3b1584):

https://mentor-match-backend--pr-54-tn1my1rv.web.app

(expires Thu, 30 Oct 2025 21:31:04 GMT)

🔥 via Firebase Hosting GitHub Action 🌎

Sign: 00dcef695f9e3298930fa589c5484a93e0a376cb

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mafernandag