Skip to content

[MNY-327] SDK: Display error returned from API in login with phone number UI #8548

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
graphite-app merged 1 commit into from
Dec 12, 2025
Merged

[MNY-327] SDK: Display error returned from API in login with phone number UI #8548

graphite-app merged 1 commit into from
Dec 12, 2025
+35 −12

Conversation

@MananTank
Copy link
Member

@MananTank MananTank commented Dec 12, 2025
edited by coderabbitai bot
Loading

PR-Codex overview

This PR enhances error handling and state management in the OTP authentication process. It improves the way error messages are displayed and refines the AccountStatus type to better represent different states during the OTP login process.

Detailed summary

  • Improved error handling in otp.ts by parsing the response and providing a specific error message.
  • Modified AccountStatus type in OTPLoginUI.tsx to use a discriminated union with type and optional message.
  • Updated state management in OTPLoginUI to reflect the new AccountStatus structure.
  • Adjusted rendering logic to display error messages based on the new AccountStatus.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

  • Bug Fixes

    • OTP error handling now surfaces detailed server error messages to users instead of generic text.
    • Status handling in the OTP login flow has been made more reliable, ensuring correct display of sending/sent/error states and associated messages.

  • Style

    • Adjusted OTP login UI layout, spacing, and alignment for clearer status presentation.

✏️ Tip: You can customize this high-level summary in your review settings.

@vercel
Copy link

vercel bot commented Dec 12, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
docs-v2 Ready Ready Preview Comment Dec 12, 2025 5:19pm
nebula Ready Ready Preview Comment Dec 12, 2025 5:19pm
thirdweb_playground Ready Ready Preview Comment Dec 12, 2025 5:19pm
thirdweb-www Ready Ready Preview Comment Dec 12, 2025 5:19pm
wallet-ui Ready Ready Preview Comment Dec 12, 2025 5:19pm

@linear
Copy link

linear bot commented Dec 12, 2025

MNY-327 Display actual API error message when OTP send fails

@changeset-bot
Copy link

changeset-bot bot commented Dec 12, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: 1169752

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Dec 12, 2025
edited
Loading

Walkthrough

AccountStatus changed from a string union to a discriminated union carrying an optional error message. OTP send error handling now parses response bodies to extract an API message. UI state logic and rendering were updated to use the new status shape and display extracted messages.

Changes

Cohort / File(s) Summary
OTP UI Status and Error Display
packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx		 Replaced AccountStatus string union with discriminated union (`{ type: "sending" }
OTP API Error Message Extraction
packages/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts		 sendOtp now reads non-OK response bodies, attempts JSON parse to extract a message field, and throws that message when available; falls back to previous generic error message on parse failure or missing message.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

  • Verify all comparisons switched from string equality to accountStatus.type checks in OTPLoginUI.tsx.
  • Confirm accountStatus initialization and all set-state calls use the new object shapes.
  • Validate sendOtp handles non-JSON and JSON-without-message responses without throwing unexpected errors.
  • End-to-end test: cause an OTP send failure that returns a JSON message and confirm the UI displays that message.

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly indicates the primary change: displaying API error messages in phone login UI, directly referencing the issue identifier MNY-327.
Description check ✅ Passed The description includes a PR-Codex summary covering the changes, but lacks detailed reviewer notes and testing instructions from the template.
Linked Issues check ✅ Passed The code changes successfully implement the objective of displaying actual API error messages from OTP send failures by parsing responses in otp.ts and surfacing them via updated AccountStatus in OTPLoginUI.tsx.
Out of Scope Changes check ✅ Passed All changes are directly related to the linked issue MNY-327: improving error handling in OTP authentication and displaying API-returned error messages in the UI.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch mny-327
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

  • Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 8b58713 and 1169752.

📒 Files selected for processing (2)
  • packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx (7 hunks)
  • packages/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • packages/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts
🧰 Additional context used
📓 Path-based instructions (4)
**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.{ts,tsx}: Write idiomatic TypeScript with explicit function declarations and return types
Limit each TypeScript file to one stateless, single-responsibility function for clarity
Re-use shared types from @/types or local types.ts barrels
Prefer type aliases over interface except for nominal shapes in TypeScript
Avoid any and unknown in TypeScript unless unavoidable; narrow generics when possible
Choose composition over inheritance; leverage utility types (Partial, Pick, etc.) in TypeScript

**/*.{ts,tsx}: Write idiomatic TypeScript with explicit function declarations and return types
Limit each file to one stateless, single-responsibility function for clarity and testability
Re-use shared types from @/types or local types.ts barrel exports
Prefer type aliases over interface except for nominal shapes
Avoid any and unknown unless unavoidable; narrow generics whenever possible
Choose composition over inheritance; leverage utility types (Partial, Pick, etc.)
Comment only ambiguous logic in TypeScript files; avoid restating TypeScript types and signatures in prose

Files:

  • packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx
packages/thirdweb/src/**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

packages/thirdweb/src/**/*.{ts,tsx}: Comment only ambiguous logic in SDK code; avoid restating TypeScript in prose
Load heavy dependencies inside async paths to keep initial bundle lean (e.g. const { jsPDF } = await import("jspdf");)

Lazy-load heavy dependencies inside async paths to keep the initial bundle lean (e.g., const { jsPDF } = await import('jspdf');)

Files:

  • packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx
**/*.{js,jsx,ts,tsx,json}

📄 CodeRabbit inference engine (AGENTS.md)

Biome governs formatting and linting; its rules live in biome.json. Run pnpm fix & pnpm lint before committing, ensure there are no linting errors

Files:

  • packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (AGENTS.md)

Lazy-import optional features; avoid top-level side-effects

Files:

  • packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)
  • GitHub Check: Size
  • GitHub Check: E2E Tests (pnpm, webpack)
  • GitHub Check: E2E Tests (pnpm, esbuild)
  • GitHub Check: Build Packages
  • GitHub Check: Lint Packages
  • GitHub Check: Unit Tests
  • GitHub Check: Analyze (javascript)
🔇 Additional comments (5)
packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx (5)

32-35: Excellent use of discriminated union for state management.

The refactor from a string union to a discriminated union is a solid improvement that allows carrying error messages while maintaining type safety. TypeScript will properly narrow types when checking the type discriminator.

98-106: Solid error handling with proper type guard.

The error extraction correctly uses instanceof Error to safely access e.message, falling back to undefined for non-Error exceptions. This integrates well with the updated otp.ts (per AI summary) that throws parsed API error messages, ensuring users see meaningful feedback when OTP sending fails.

333-343: Proper handling of the error state and message display.

The type narrowing via accountStatus.type === "error" is correct, and the fallback to locale.emailLoginScreen.failedToSendCode ensures users always see a meaningful message even when the API error message is unavailable. This addresses the PR objective of surfacing actual API errors while maintaining robustness.

345-373: Well-structured conditional rendering based on account status.

The logic correctly shows the spinner during "sending" and enables the resend button for both "sent" and "error" states, allowing users to retry on failure. The countdown timer prevents spam while maintaining good UX.

328-332: Layout adjustment supports the updated status-driven UI.

The added gap="sm" and flex properties properly space the error message and resend button elements, maintaining a clean layout for both modal sizes.

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)
  • TEAM-0000: Entity not found: Issue - Could not find referenced Issue.

Comment @coderabbitai help to get the list of available commands and usage tips.

@MananTank MananTank marked this pull request as ready for review December 12, 2025 16:45
@MananTank MananTank requested review from a team as code owners December 12, 2025 16:45
@github-actions github-actions bot added packages SDK Involves changes to the thirdweb SDK labels Dec 12, 2025
@MananTank Graphite App
Copy link
Member Author

MananTank commented Dec 12, 2025

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

  • merge-queue - adds this PR to the back of the merge queue
  • hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

@MananTank Graphite App
Copy link
Member Author

MananTank commented Dec 12, 2025
edited
Loading

Fixes #8514

coderabbitai[bot]
coderabbitai bot reviewed Dec 12, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
packages/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts (1)

53-68: Harden sendOtp error parsing + fix Promise<void> vs response.json() mismatch (can throw on 204/empty).
Right now sendOtp advertises Promise<void> but still parses JSON on success (Line 67); if the endpoint ever returns an empty body / 204, this will throw and break OTP send.

Suggested tightening (also keeps the new “API message” behavior, but avoids showing raw HTML, and adds status context):

 export const sendOtp = async (args: PreAuthArgsType): Promise<void> => {
@@
   if (!response.ok) {
-    const raw = await response.text();
-    let message: string | undefined;
+    const raw = await response.text();
+    let message: string | undefined;
     try {
       const parsed = JSON.parse(raw);
       if (parsed && typeof parsed.message === "string") {
         message = parsed.message;
       }
     } catch {
       // ignore parse errors
     }
-    throw new Error(message || "Failed to send verification code");
+    throw new Error(
+      message ||
+        `Failed to send verification code (HTTP ${response.status})`,
+    );
   }
 
-  return await response.json();
+  // Endpoint success payload should not be required by callers.
+  // If the API returns JSON, callers can be updated to return it explicitly later.
+  return;
 };

If callers do need the payload, I’d rather change the signature to Promise<YourResponseType> than keep Promise<void> + parsing.

packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx (1)

328-373: Resend button should be semantically disabled (a11y), not just “no onClick + opacity”.
Right now it stays focusable and looks disabled but isn’t announced as disabled. Prefer disabled (if underlying element is a <button>) and/or aria-disabled.

 {accountStatus.type !== "sending" && (
   <LinkButton
-    onClick={countdown === 0 ? sendEmailOrSms : undefined}
+    onClick={countdown === 0 ? sendEmailOrSms : undefined}
+    disabled={countdown > 0}
+    aria-disabled={countdown > 0}
     style={{
       cursor: countdown > 0 ? "default" : "pointer",
       opacity: countdown > 0 ? 0.5 : 1,
     }}
     className="tw-resend-button"
     type="button"
   >

If StyledButton doesn’t forward disabled to a real <button>, then at least add aria-disabled + remove from tab order when disabled (tabIndex={countdown > 0 ? -1 : 0}).

🧹 Nitpick comments (1)
packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx (1)

32-36: Make AccountStatus error message optional (cleaner union) + consider resetting countdown on send start.
{ type: "error"; message: string | undefined } forces message to exist even when absent; message?: string is simpler and matches the intent.

 type AccountStatus =
   | { type: "sending" }
   | { type: "sent" }
-  | { type: "error"; message: string | undefined };
+  | { type: "error"; message?: string };
@@
   const sendEmailOrSms = useCallback(async () => {
     setOtpInput("");
     setVerifyStatus("idle");
     setAccountStatus({ type: "sending" });
+    // Optional: prevent stale countdown if a prior send was in progress
+    // setCountdown(0);
@@
       setAccountStatus({
         type: "error",
-        message: e instanceof Error ? e.message : undefined,
+        message: e instanceof Error ? e.message : undefined,
       });
     }
   }, [props.client, userInfo, ecosystem]);

Also applies to: 58-60, 71-106

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

  • Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between ffd8c40 and 8b58713.

📒 Files selected for processing (2)
  • packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx (7 hunks)
  • packages/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts (1 hunks)
🧰 Additional context used
📓 Path-based instructions (4)
**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.{ts,tsx}: Write idiomatic TypeScript with explicit function declarations and return types
Limit each TypeScript file to one stateless, single-responsibility function for clarity
Re-use shared types from @/types or local types.ts barrels
Prefer type aliases over interface except for nominal shapes in TypeScript
Avoid any and unknown in TypeScript unless unavoidable; narrow generics when possible
Choose composition over inheritance; leverage utility types (Partial, Pick, etc.) in TypeScript

**/*.{ts,tsx}: Write idiomatic TypeScript with explicit function declarations and return types
Limit each file to one stateless, single-responsibility function for clarity and testability
Re-use shared types from @/types or local types.ts barrel exports
Prefer type aliases over interface except for nominal shapes
Avoid any and unknown unless unavoidable; narrow generics whenever possible
Choose composition over inheritance; leverage utility types (Partial, Pick, etc.)
Comment only ambiguous logic in TypeScript files; avoid restating TypeScript types and signatures in prose

Files:

  • packages/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts
  • packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx
packages/thirdweb/src/**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

packages/thirdweb/src/**/*.{ts,tsx}: Comment only ambiguous logic in SDK code; avoid restating TypeScript in prose
Load heavy dependencies inside async paths to keep initial bundle lean (e.g. const { jsPDF } = await import("jspdf");)

Lazy-load heavy dependencies inside async paths to keep the initial bundle lean (e.g., const { jsPDF } = await import('jspdf');)

Files:

  • packages/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts
  • packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx
**/*.{js,jsx,ts,tsx,json}

📄 CodeRabbit inference engine (AGENTS.md)

Biome governs formatting and linting; its rules live in biome.json. Run pnpm fix & pnpm lint before committing, ensure there are no linting errors

Files:

  • packages/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts
  • packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx
**/*.{ts,tsx,js,jsx}

📄 CodeRabbit inference engine (AGENTS.md)

Lazy-import optional features; avoid top-level side-effects

Files:

  • packages/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts
  • packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx
🧬 Code graph analysis (1)
packages/thirdweb/src/react/web/wallets/shared/OTPLoginUI.tsx (2)
packages/thirdweb/src/react/web/ui/components/basic.tsx (1)
  • Container (80-193)
packages/thirdweb/src/react/web/ui/components/text.tsx (1)
  • Text (18-34)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (8)
  • GitHub Check: E2E Tests (pnpm, vite)
  • GitHub Check: E2E Tests (pnpm, webpack)
  • GitHub Check: Lint Packages
  • GitHub Check: Build Packages
  • GitHub Check: E2E Tests (pnpm, esbuild)
  • GitHub Check: Size
  • GitHub Check: Unit Tests
  • GitHub Check: Analyze (javascript)

@github-actions
Copy link
Contributor

github-actions bot commented Dec 12, 2025
edited
Loading

size-limit report 📦

Path Size
@thirdweb-dev/nexus (esm) 105.66 KB (0%)
@thirdweb-dev/nexus (cjs) 319.47 KB (0%)

@codecov
Copy link

codecov bot commented Dec 12, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 0% with 29 lines in your changes missing coverage. Please review.
✅ Project coverage is 54.64%. Comparing base (ff8f413) to head (1169752).
⚠️ Report is 2 commits behind head on main.

Files with missing lines Patch % Lines
...irdweb/src/react/web/wallets/shared/OTPLoginUI.tsx 0.00% 19 Missing ⚠️
...es/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts 0.00% 10 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #8548      +/-   ##
==========================================
- Coverage   54.67%   54.64%   -0.03%     
==========================================
  Files         921      921              
  Lines       61163    61181      +18     
  Branches     4153     4151       -2     
==========================================
- Hits        33439    33434       -5     
- Misses      27622    27645      +23     
  Partials      102      102
Flag Coverage Δ
packages 54.64% <0.00%> (-0.03%) ⬇️
Files with missing lines Coverage Δ
...es/thirdweb/src/wallets/in-app/web/lib/auth/otp.ts 4.49% <0.00%> (-0.51%) ⬇️
...irdweb/src/react/web/wallets/shared/OTPLoginUI.tsx 5.41% <0.00%> (-0.16%) ⬇️

... and 2 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@graphite-app
Copy link
Contributor

graphite-app bot commented Dec 12, 2025
edited
Loading

Merge activity

@MananTank
[MNY-327] SDK: Display error returned from API in login with phone nu…
1169752 
…mber UI (#8548)

<!--

## title your PR with this format: "[SDK/Dashboard/Portal] Feature/Fix: Concise title for the changes"

If you did not copy the branch name from Linear, paste the issue tag here (format is TEAM-0000):

## Notes for the reviewer

Anything important to call out? Be sure to also clarify these in your comments.

## How to test

Unit tests, playground, etc.

-->

<!-- start pr-codex -->

---

## PR-Codex overview
This PR focuses on improving error handling and state management in the OTP authentication process. It enhances the way error messages are displayed and modifies the structure of `AccountStatus` to accommodate additional information.

### Detailed summary
- In `otp.ts`, enhanced error handling by parsing the response for a detailed message.
- Updated `AccountStatus` type in `OTPLoginUI.tsx` to an object structure, allowing for an error message.
- Modified state management for `accountStatus` to use the new object structure.
- Adjusted UI rendering logic to handle the new `AccountStatus` format.

> ✨ Ask PR-Codex anything about this PR by commenting with `/codex {your question}`

<!-- end pr-codex -->

<!-- This is an auto-generated comment: release notes by coderabbit.ai -->

## Summary by CodeRabbit

* **Bug Fixes**
  * Enhanced error message handling in OTP verification to display detailed server error messages to users instead of generic messages.
  * Improved error status display in OTP login interface.

* **Style**
  * Updated OTP login UI layout and spacing for better status presentation.

<sub>✏️ Tip: You can customize this high-level summary in your review settings.</sub>

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
@graphite-app graphite-app bot merged commit 1169752 into main Dec 12, 2025
24 of 25 checks passed
@graphite-app graphite-app bot deleted the mny-327 branch December 12, 2025 17:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

@MananTank MananTank

Labels

packages SDK Involves changes to the thirdweb SDK

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MananTank