Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(frontend): check auth before allowing actions to run #8633

Merged
merged 6 commits into from
Nov 14, 2024
Merged

feat(frontend): check auth before allowing actions to run #8633

merged 6 commits into from
Nov 14, 2024

Conversation

ntindle
Copy link
Member

@ntindle ntindle commented Nov 13, 2024
edited
Loading

We currently don't check the persons calling an action is a user, so we need to do that!

Changes 🏗️

Adds checkAuth method to check auth as suggested by supabase
Calls checkAuth in the actions we run

Checklist 📋

For code changes:

  • I have clearly listed my changes in the PR description
  • I have made a test plan
  • I have tested my changes according to the test plan:
    • Run the test plan
Test plan
  • Upload agent to marketplace
  • Import an agent from marketplace and confirm it executes correctly

@ntindle ntindle requested a review from a team as a code owner November 13, 2024 00:01
@ntindle ntindle requested review from Bentlybro and kcze and removed request for a team November 13, 2024 00:01
@github-actions github-actions bot added platform/frontend AutoGPT Platform - Front end platform/backend AutoGPT Platform - Back end labels Nov 13, 2024
@qodo-merge-pro Qodo Merge Pro
Copy link

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
🧪 No relevant tests
🔒 No security concerns identified
⚡ Recommended focus areas for review

Error Handling
The checkAuth function silently redirects on error without logging the specific auth error details, which could make debugging authentication issues difficult

Code Smell
The file has unnecessary empty lines added at the end which should be removed

Redundant Import
The createClient import from supabase/client is unused and should be removed

@netlify Netlify
Copy link

netlify bot commented Nov 13, 2024
edited
Loading

Deploy Preview for auto-gpt-docs canceled.

Name Link
🔨 Latest commit 5105bea
🔍 Latest deploy log https://app.netlify.com/sites/auto-gpt-docs/deploys/6735c42835fe870008a32343

aarushik93
aarushik93 previously approved these changes Nov 13, 2024
View reviewed changes
@ntindle ntindle enabled auto-merge (squash) November 13, 2024 22:21
@ntindle ntindle merged commit 52b3148 into dev Nov 14, 2024
15 checks passed
@ntindle ntindle deleted the ntindle/secrt-962-add-user-authentication-and-authorization-check-to-all branch November 14, 2024 09:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aarushik93 aarushik93 aarushik93 approved these changes

@Bentlybro Bentlybro Awaiting requested review from Bentlybro Bentlybro is a code owner automatically assigned from Significant-Gravitas/maintainers

@kcze kcze Awaiting requested review from kcze kcze is a code owner automatically assigned from Significant-Gravitas/maintainers

Assignees
No one assigned
Labels
platform/backend AutoGPT Platform - Back end platform/frontend AutoGPT Platform - Front end Review effort [1-5]: 2 size/m
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ntindle @aarushik93 @Torantulino