fix: refactor credential handling in user routes and update credentia…

[TejaBudumuru3]

…l logic in useCredentials hook

Summary by CodeRabbit

• Bug Fixes
  • Improved credential retrieval system with better separation between credential IDs and configuration data.
  • Enhanced credential response handling to support multiple response types, including authentication URLs.
  • Adjusted OAuth flow initialization logic for improved credential management and authentication workflows.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

Backend and frontend modifications to credential handling: backend now fetches credentials via GoogleSheetsNodeExecutor instead of direct database queries and manages CredentialsID separately in node operations; frontend updated to handle both credential arrays and authUrl strings in API responses.

Changes

Cohort / File(s)	Summary
Backend Credential Fetch apps/http-backend/src/routes/userRoutes/userRoutes.ts	Replaced direct prismaClient.credential query with GoogleSheetsNodeExecutor.getAllCredentials(); returns 200 with "No credentials found" if empty, otherwise returns credentials with hasCredentials: true
Node Creation & Update with Credentials apps/http-backend/src/routes/userRoutes/userRoutes.ts	Added CredentialsID field extraction from Config and separation of credentialId from node config in both create and update operations; restConfig (excluding credentialId) now passed separately
Frontend Credential Response Handling apps/web/app/hooks/useCredential.ts	Modified getCredentials response handling to support both array responses (credentials) and string responses (authUrl); removed OAuth redirect logic for Google credential types

Sequence Diagram

sequenceDiagram
    participant Frontend as Frontend<br/>(useCredential Hook)
    participant Backend as Backend<br/>(userRoutes)
    participant Executor as GoogleSheetsNodeExecutor
    participant DB as Credentials DB

    Frontend->>Backend: GET /getCredentials
    Backend->>Executor: new GoogleSheetsNodeExecutor()
    Executor->>DB: getAllCredentials(userId, type)
    DB-->>Executor: credentials array (or empty)
    Executor-->>Backend: credentials or []
    
    alt Credentials Found
        Backend-->>Frontend: {credentials, hasCredentials: true}
        Frontend->>Frontend: Update cred state
    else No Credentials
        Backend-->>Frontend: "No credentials found"
        Frontend->>Frontend: Set authUrl = response
    end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• Feature/config fixes #61: Overlaps in userRoutes.ts credential GET handler and node creation/update payload modifications with CredentialsID field handling.
• feat: Implement Google Sheets API integration with document and tab r… #36: Shares GoogleSheetsNodeExecutor.getAllCredentials API usage for credential fetching implementation.
• refactor: improve user routes, logging, and component formatting #55: Intersects in node creation/update logic within userRoutes.ts with CredentialsID and config extraction patterns.

Suggested reviewers

• Vamsi-o
• Copilot

Poem

🐰✨ Credentials hop through GoogleSheets now,
No direct database—just the executor's bow!
Frontend catches auth URLs in the breeze,
While nodes keep their secrets with such ease.
A cleaner path to API keys so fine,
One hop, one fetch, one credential design! 🥕

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main changes: refactoring credential handling in user routes and updating credential logic in the useCredentials hook, matching the file modifications.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

apps/http-backend/src/routes/userRoutes/userRoutes.ts (1)

188-198: Type check is incorrect—string auth URLs will be returned as credentials.

Based on GoogleSheetsNodeExecutor.getAllCredentials (from google-sheets.executor.ts), when no credentials are found, it returns this.oauthService.getAuthUrl(userId) which is a string. Since strings have a .length property (character count), credentials.length === 0 will be false for a non-empty auth URL, causing the auth URL to be returned with hasCredentials: true.

🐛 Proposed fix

-      if (credentials.length === 0) {
+      if (typeof credentials === 'string') {
+        // Backend returned auth URL when no credentials exist
+        return res.status(200).json({
+          message: "No credentials found",
+          authUrl: credentials,
+          hasCredentials: false,
+        });
+      }
+
+      if (!Array.isArray(credentials) || credentials.length === 0) {
         return res.status(200).json({
           message: "No credentials found",
         });
       }

🧹 Nitpick comments (2)

apps/web/app/hooks/useCredential.ts (1)

31-37: Consider removing commented-out code.

If the OAuth URL construction is now handled by the backend response, this commented block should be removed rather than left as dead code. Keeping commented code reduces readability.

🧹 Suggested cleanup

-        // Frontend defines where to redirect for OAuth
-        // if (type === "google") {
-        //   const baseUrl = `${BACKEND_URL}/oauth/google/initiate`;
-        //   const url = workflowId ? `${baseUrl}?workflowId=${workflowId}` : baseUrl;
-        //   setAuthUrl(url);
-        // } else {
-        //   setAuthUrl(null);
-        // }

apps/http-backend/src/routes/userRoutes/userRoutes.ts (1)

165-187: Remove commented-out code blocks.

These commented blocks represent the old implementation. Git history preserves this code if needed later. Leaving large commented blocks reduces readability.