[Issue #2653] Sign in component #3281
Conversation
acouch
requested review from
andycochran,
btabaska,
doug-s-nava,
coilysiren and
mdragon
as code owners
acouch
force-pushed
the
acouch/issue-2653-login-component
branch
from
3d6abd3 to
dd80b68
Compare
| @@ -44,6 +44,11 @@ locals { | |||
| manage_method = "manual" | |||
| secret_store_name = "/${var.app_name}/${var.environment}/api-auth-token" | |||
| }, | |||
| # URL for the API login route. | |||
| AUTH_LOGIN_URL = { | |||
There was a problem hiding this comment.
This isn't secret so it goes next to the NODE_OPTIONS key above
There was a problem hiding this comment.
It is the same as the API_URL right?
There was a problem hiding this comment.
@coilysiren Secrets knows how to read from SSM where as the standard env vars are more "constants?" Right? Or is there a way to read from SSM there too?
| @@ -11,4 +11,5 @@ SENDY_API_KEY= | |||
| SENDY_API_URL= | |||
| SENDY_LIST_ID= | |||
|
|
|||
| API_URL=http://api.simpler.grants.gov | |||
| API_URL=https://api.simpler.grants.gov | |||
| AUTH_LOGIN_URL=https://api.simpler.grants.gov/v1/users/login | |||
There was a problem hiding this comment.
it's a bit confusing to have this defined in the env file and in SSM. I'm not sure which one takes precedence (looks like it's the env file but haven't tested with Docker) and I'd worry that dev and staging environments would end up pointing to prod for auth with this defined here
There was a problem hiding this comment.
Yeah, I guess we have the API one to point to that the behavior is "as expected" but that likely also reinforces that they don't need to be here?
There was a problem hiding this comment.
It appears this gets picked up at build time, even though it's in a client component, because... I'm not sure how or why? Which also makes me question how staging is not finding Prod, as at that build it definitely doesn't have access to the SSM stuff (and I can't double check what SSM has for Stage cause I can't SSO into AWS right now).
There was a problem hiding this comment.
Maybe, I think, perhaps, the distinction here is Search is doing this from a server component so it's picking up the live running value via SSM where as Login is client so it's getting rendered at build time? It's not inlining the variable (because it's not NEXT_PUBLIC) it's just built the whole HTML structure out and doesn't re-do it at run-time when the ENV VAR gets changed? So in this case it would make this send Dev and Stage login requests to the Prod API URL because that's all it has at build, via this file, not via SSM?
There was a problem hiding this comment.
I've unfortunately fought this stuff a bunch with the new relic work. It might be good to talk this out if folks have time
| const LoginLink = () => { | ||
| return ( | ||
| <Link | ||
| href={process.env.auth_login_url as string} |
There was a problem hiding this comment.
this works with next dev where the variable is defined in the env file, but won't work with build && start when it's coming from SSM. The env var won't be available to the app until run time, and for a client component to pick up directly from process.env the variable needs to be:
- prefixed with
NEXT_PUBLICand - available at build time
I'd recommend reading this in from process.env in the environments file, then prop drilling it down to the header component from the nearest server component. It may work to import directly from the environments file, but I doubt it.
There was a problem hiding this comment.
I wish local Next/React did a better job of highlighting/blocking this anti-pattern.
There was a problem hiding this comment.
@doug-s-nava b/c these pages are statically rendered, there isn't a server side place to put the env for the static pages, unless we use wrap them in a suspense boundary. @mdragon that isn't an anti-pattern, it is the rec from next documentation
That could be the way to go. As of this comment, the CDN is rendering the suspense on the search page without a loading state, meaning the header could potentially use suspense without a "flicker."
If we switch to dynamic rendering, then we could just use this pattern as is.
| @@ -68,6 +68,9 @@ const nextConfig = { | |||
| }, | |||
| ]; | |||
| }, | |||
| env: { | |||
| auth_login_url: process.env.AUTH_LOGIN_URL, | |||
There was a problem hiding this comment.
what is this doing for us?
There was a problem hiding this comment.
The same thing the src/constants/environments.ts is doing. Initially I had this as a NEXT_PUBLIC_ var and that file says home for all interpreted server side environment variables. I'll move this over there, and update that comment since NEXT_PUBLIC files are defined there anyway. Good catch, thanks.
| @@ -10,6 +10,8 @@ const props = { | |||
| locale: "en", | |||
| }; | |||
|
|
|||
| process.env.auth_login_url = "/login-url"; | |||
There was a problem hiding this comment.
can we mock the environments export instead? that's more in line with what we're doing in tests elsewhere
There was a problem hiding this comment.
Seeing that there is a mockProcessEnv() function we aren't using and an example of mocking the environment.ts file in FeatureFlagManager.test.ts which I started off as not using, so no clear pattern yet. I'll use the environments.ts file and follow the pattern in the FeatureFlagManager.test.ts file. Good catch, thanks.
| @@ -30,3 +30,8 @@ i.e. | |||
| @include u-shadow(4); | |||
| } | |||
| } | |||
| @include at-media("desktop") { | |||
There was a problem hiding this comment.
Imagine you've tried some things out, but is there a way to avoid this? Can we mirror styling of the navbar items, or is there something throwing this off that is too difficult to deal with?
There was a problem hiding this comment.
There is no 5px margin from USWDS. The extra pixel did make a difference IMHO.
|
Also if we're not updating the button to a logged in state when user is logged in in this change I think we need a ticket to handle that |
acouch
force-pushed
the
acouch/issue-2653-login-component
branch
from
5b3b8af to
a28c443
Compare
@doug-s-nava this seemed like enough to chew on for a PR and the provider wasn't available when I started. I can do a follow-up for the same ticket now that the user provider is available. |
doug-s-nava
force-pushed
the
feature/nextjs-auth
branch
from
80f4046 to
99f501f
Compare
doug-s-nava
force-pushed
the
feature/nextjs-auth
branch
from
ec9bc75 to
9016bbc
Compare
acouch
force-pushed
the
acouch/issue-2653-login-component
branch
from
a28c443 to
0179346
Compare
Summary
Fixes #2653
Time to review: 5 mins
Changes proposed
Mobile
Figma
Local
Deskstop
Figma
Local