Expensify
[$500] mWeb - Magic link - "Sign in here" leads to Abracadabra page.
If you havenβt already, check out our contributing guidelines for onboarding and email [email protected] to request to join our Slack channel!
Version Number: 1.4.36 Reproducible in staging?: Y Reproducible in production?: N If this was caught during regression testing, add the test name, ID and link from TestRail: https://expensify.testrail.io/index.php?/tests/view/4279569 Email or phone of affected tester (no customers): [email protected] Logs: https://stackoverflow.com/c/expensify/questions/4856 Expensify/Expensify Issue URL: Issue reported by: Applause - Internal Team Slack conversation:
Action Performed:
- Go to https://staging.new.expensify.com/
- On login page, enter an email you have access to
- Go to email inbox and copy the magic link
- Change the link to staging and go to it on an incognito window
- Tap on "just sign here"
Expected Result:
The user should be logged in and the LHN should be displayed
Actual Result:
The user should be logged in and the LHN should be displayed
Workaround:
Unknown
Platforms:
Which of our officially supported platforms is this issue occurring on?
- [ ] Android: Native
- [x] Android: mWeb Chrome
- [ ] iOS: Native
- [x] iOS: mWeb Safari
- [x] MacOS: Chrome / Safari
- [x] MacOS: Desktop
Screenshots/Videos
Add any screenshot/video evidence
https://github.com/Expensify/App/assets/78819774/abe31d5a-e192-409c-ba8e-ad4dae50b598
Upwork Automation - Do Not Edit
- Upwork Job URL: https://www.upwork.com/jobs/~01ce9d90ffdb97284c
- Upwork Job ID: 1754498791034695680
- Last Price Increase: 2024-02-05
- Automatic offers:
- Ollyws | Reviewer | 28143590
- aswin-s | Contributor | 28143592
:wave: Friendly reminder that deploy blockers are time-sensitive β± issues! Check out the open `StagingDeployCash` deploy checklist to see the list of PRs included in this release, then work quickly to do one of the following:
- Identify the pull request that introduced this issue and revert it.
- Find someone who can quickly fix the issue.
- Fix the issue yourself.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Triggered auto assignment to @yuwenmemon (Engineering), see https://stackoverflowteams.com/c/expensify/questions/9980/ for more details.
![melvin-bot[bot] avatar](https://avatars.githubusercontent.com/in/179547?v=4 "Published by a pub.dev verified publisher"){kind=small}
Job added to Upwork: https://www.upwork.com/jobs/~01ce9d90ffdb97284c
Triggered auto assignment to Contributor-plus team member for initial proposal review - @Ollyws (External)
Triggered auto assignment to @zanyrenney (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details.
Still open for proposals, the other deploy blocker affects native platforms only
Hi I'm taking a look at this. An incognito browser window is a different session to the non incognito one so logging in from incognito shouldn't work by design. That being said what is meant by LHN as described in the Expected Result?
@jcdiprose
LHN stands for Left Hand Navigation (Primary navigation modal in Expensify Chat, docked on the left-hand side)
You can find a list of commonly used acronyms here.
Proposal
credentials.login is undefined in component ValidateLoginPage when opening the link in incognito.
To support opening the links in incognito we would need to.
- add a URL parameter to the magic link containing the users email address
- Update Onyx CREDENTIALS login property with the email address
- Check title "Head back to your original tab to continue." to "Head back to your original tab to continue. Or click here" which when clicked would direct to the home page with valid logged in credentials this time
@jcdiprose Thanks for the update. Please have a read of how to construct a proposal in the contributing guide
@Ollyws my mistake thanks for letting me know
Please re-state the problem that we are trying to solve in this issue.
- Opening magic link from incognito window doesn't complete login session
What is the root cause of that problem?
- Opening the magic link from incognito means there is no active session within Onyx
What changes do you think we should make in order to solve the problem?
- add email address as a URL parameter on the magic link
- on page mount update Onyx state with the email address
- provide the user a link "or click here" that will reload the page taking them to LHN.
What alternative solutions did you explore? (Optional)
- None
@jcdiprose If you look on production you'll see that clicking the URL from the magic link signs the user in on the incognito mode window. How is this related to an active session?
@yuwenmemon Interesting. I thought it was handled differently. I will take a look at prod soon
@yuwenmemon If I understand the reproduction steps correctly it sounds like the start of the process is done from one browser window then the magic link is being opened in a different incognito browser window
@jcdiprose Yes, that's correct. In that case, when you click that "just sign in here" link it should take you right into your account.
Proposal
Please re-state the problem that we are trying to solve in this issue.
App gets redirected to Abracadabra screen when "Sign in here" is clicked
What is the root cause of that problem?
This is some what related to https://github.com/Expensify/App/issues/35745
In ValidateLogin page a useEffect is used to redirect user once the code is validated. Looks like we are not waiting for Navigation.ready before calling Navigation.navigate. Also Navigation.navigate() without any parameters doesn't seem to work after navigation refactor.
https://github.com/Expensify/App/blob/5133c29ccf359a22225d18547d6776232bc9aa97/src/pages/ValidateLoginPage/index.website.tsx#L27-L31
What changes do you think we should make in order to solve the problem?
In ValidationLoginPage/index.website.tsx modify below line
https://github.com/Expensify/App/blob/5133c29ccf359a22225d18547d6776232bc9aa97/src/pages/ValidateLoginPage/index.website.tsx#L30
Navigation.isNavigationReady().then(() => {
Navigation.goBack();
});
This seems to fix the issue.
https://github.com/Expensify/App/assets/6880914/4a1de9a2-a88f-4f73-8c12-fd4935cb42c6
What alternative solutions did you explore? (Optional)
None
π£ @Ollyws π An offer has been automatically sent to your Upwork account for the Reviewer role π Thanks for contributing to the Expensify app!
π£ @aswin-s π An offer has been automatically sent to your Upwork account for the Contributor role π Thanks for contributing to the Expensify app!
Offer link Upwork job Please accept the offer and leave a comment on the Github issue letting us know when we can expect a PR to be ready for review π§βπ» Keep in mind: Code of Conduct | Contributing π
~I can help with the c+ checklist if @Ollyws is not around~
nvm, its handled internally
Reviewing label has been removed, please complete the "BugZero Checklist".
The solution for this issue has been :rocket: deployed to production :rocket: in version 1.4.37-7 and is now subject to a 7-day regression period :calendar:. Here is the list of pull requests that resolve this issue:
- https://github.com/Expensify/App/pull/35850
If no regressions arise, payment will be issued on 2024-02-14. :confetti_ball:
For reference, here are some details about the assignees on this issue:
- @aswin-s requires payment automatic offer (Contributor)
- @Ollyws requires payment automatic offer (Reviewer)
BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:
- [ ] [@Ollyws] The PR that introduced the bug has been identified. Link to the PR:
- [ ] [@Ollyws] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:
- [ ] [@Ollyws] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:
- [ ] [@Ollyws] Determine if we should create a regression test for this bug.
- [ ] [@Ollyws] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.
- [ ] [@zanyrenney] Link the GH issue for creating/updating the regression test once above steps have been agreed upon:
@Ollyws @aswin-s you have not accepted the offers, please accept for payout,
Payment summary
@aswin-s requires payment automatic offer (Contributor) - PAID $500 @Ollyws requires payment automatic offer (Reviewer) - no review, no payment due.