remix-auth-socials icon indicating copy to clipboard operation
remix-auth-socials copied to clipboard

Published 20 hours ago verified publisher icon TheRealFlyingCoder

Server crash on rate limits from auth provider

Open isaacs opened this issue 2 years ago • 0 comments

Describe the bug

When GitHub slaps rate limits on a user, the attempt to fetch their profile doesn't return a profile, and the code crashes.

return value: {
  message: 'API rate limit exceeded for user ID 9287.',
  documentation_url: 'https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting'
}

TypeError: Cannot read properties of undefined (reading 'toString')
    at GitHubStrategy.userProfile (/Users/isaacs/dev/tierdev/tierweb/node_modules/remix-auth-socials/build/strategies/github.js:45:25)
    at runMicrotasks (<anonymous>)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at GitHubStrategy.authenticate (/Users/isaacs/dev/tierdev/tierweb/node_modules/remix-auth-oauth2/build/index.js:113:23)
    at Object.callRouteLoader (/Users/isaacs/dev/tierdev/tierweb/node_modules/@remix-run/node/node_modules/@remix-run/server-runtime/data.js:77:14)
    at handleResourceRequest (/Users/isaacs/dev/tierdev/tierweb/node_modules/@remix-run/node/node_modules/@remix-run/server-runtime/server.js:453:14)
    at requestHandler (/Users/isaacs/dev/tierdev/tierweb/node_modules/@remix-run/node/node_modules/@remix-run/server-runtime/server.js:42:18)
    at /Users/isaacs/dev/tierdev/tierweb/node_modules/@remix-run/express/server.js:39:22

Your Example Website or App

sorry, no time to do this, just wrapped in a try/catch for now, reporting so it doesn't get forgotten entirely

Steps to Reproduce the Bug or Issue

  1. Implement a site that uses log in with GitHub
  2. Repeatedly log in and out a bunch of times (cuz, ya know, you're developing a website, it's what you do, or maybe just being a weird user.)
  3. Observe server crash.

Expected behavior

Because this throw happens in the app/routes/auth/$provider.callback.tsx route, it's outside the context of an ErrorBoundary or CatchBoundary. I would expect that it would at least log the error and redirect to the failureRedirect, or perhaps make the error available to the failureRedirect on the query string or something?

Screenshots or Videos

No response

Platform

  • OS: any, logging in with GitHub
  • Browser: all browsers (safari and chrome tested)

Additional context

$ npm ls | grep remix | grep auth 
├── [email protected]
├── [email protected]

isaacs avatar May 28 '22 02:05 isaacs