fix(email): manual OTP instead of better-auth#921
Merged
waleedlatif1 merged 2 commits intostagingfrom Aug 9, 2025
Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
1 Skipped Deployment
|
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Greptile Summary
This PR implements a change from better-auth's automatic email verification system to a manual OTP (One-Time Password) implementation for user signup. The change involves two key modifications:
-
Auth Configuration Updates: The
auth.tsfile has been modified to disable automatic email verification by settingsendVerificationOnSignUp: falsein both theemailAndPasswordconfiguration and theemailOTPplugin. This prevents better-auth from automatically sending verification emails during the signup process. -
Manual OTP Implementation: The
signup-form.tsxfile now explicitly callsclient.emailOtp.sendVerificationOtp()after successful user creation, giving the application direct control over when verification emails are sent. The implementation includes error handling and logging to track any issues with OTP sending.
This change fits into the broader authentication system by maintaining the existing user verification flow while providing more granular control over email timing. The manual approach allows the application to handle edge cases and implement custom business logic around when verification emails should be sent, which is particularly important given the existing email validation systems like quickValidateEmail that are already in place. The OTP verification system continues to work with the existing useVerification hook and OTPVerificationEmail component, ensuring seamless integration with the current user interface and email templates.
Confidence score: 3/5
- This PR introduces potential issues that need attention, particularly around error handling and user experience
- Score reflects concerns about silent error handling and lack of user feedback when OTP sending fails
- Pay close attention to the signup form implementation and consider adding user-facing error handling
2 files reviewed, 1 comment
Comment on lines
+349
to
+358
| // Send verification OTP manually | ||
| try { | ||
| await client.emailOtp.sendVerificationOtp({ | ||
| email: emailValue, | ||
| type: 'email-verification', | ||
| }) | ||
| } catch (otpError) { | ||
| logger.error('Failed to send OTP:', otpError) | ||
| // Continue anyway - user can use resend button | ||
| } |
Contributor
There was a problem hiding this comment.
logic: OTP sending happens outside the signup success check. If signup fails but this code is reached, users might receive verification emails for failed accounts.
Suggested change
| // Send verification OTP manually | |
| try { | |
| await client.emailOtp.sendVerificationOtp({ | |
| email: emailValue, | |
| type: 'email-verification', | |
| }) | |
| } catch (otpError) { | |
| logger.error('Failed to send OTP:', otpError) | |
| // Continue anyway - user can use resend button | |
| } | |
| // Only send OTP if signup was successful | |
| if (response && !response.error) { | |
| // Send verification OTP manually | |
| try { | |
| await client.emailOtp.sendVerificationOtp({ | |
| email: emailValue, | |
| type: 'email-verification', | |
| }) | |
| } catch (otpError) { | |
| logger.error('Failed to send OTP:', otpError) | |
| // Continue anyway - user can use resend button | |
| } | |
| } |
waleedlatif1
added a commit
that referenced
this pull request
Aug 9, 2025
…ypes (#919) * feat(execution-filesystem): system to pass files between blocks (#866) * feat(files): pass files between blocks * presigned URL for downloads * Remove latest migration before merge * starter block file upload wasn't getting logged * checkpoint in human readable form * checkpoint files / file type outputs * file downloads working for block outputs * checkpoint file download * fix type issues * remove filereference interface with simpler user file interface * show files in the tag dropdown for start block * more migration to simple url object, reduce presigned time to 5 min * Remove migration 0065_parallel_nightmare and related files - Deleted apps/sim/db/migrations/0065_parallel_nightmare.sql - Deleted apps/sim/db/migrations/meta/0065_snapshot.json - Removed 0065 entry from apps/sim/db/migrations/meta/_journal.json Preparing for merge with origin/staging and migration regeneration * add migration files * fix tests * Update apps/sim/lib/uploads/setup.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * Update apps/sim/lib/workflows/execution-file-storage.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * Update apps/sim/lib/workflows/execution-file-storage.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * cleanup types * fix lint * fix logs typing for file refs * open download in new tab * fixed * Update apps/sim/tools/index.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * fix file block * cleanup unused code * fix bugs * remove hacky file id logic * fix drag and drop * fix tests --------- Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * feat(trigger-mode): added trigger-mode to workflow_blocks table (#902) * fix(schedules-perms): use regular perm system to view/edit schedule info (#901) * fix(schedules-perms): use regular perm system to view schedule info * fix perms * improve logging * feat(webhooks): deprecate singular webhook block + add trigger mode to blocks (#903) * feat(triggers): added new trigger mode for blocks, added socket event, ran migrations * Rename old trigger/ directory to background/ * cleaned up, ensured that we display active webhook at the block-level * fix submenu in tag dropdown * keyboard nav on tag dropdown submenu * feat(triggers): add outlook to new triggers system * cleanup * add types to tag dropdown, type all outputs for tools and use that over block outputs * update doc generator to truly reflect outputs * fix docs * add trigger handler * fix active webhook tag * tag dropdown fix for triggers * remove trigger mode schema change * feat(execution-filesystem): system to pass files between blocks (#866) * feat(files): pass files between blocks * presigned URL for downloads * Remove latest migration before merge * starter block file upload wasn't getting logged * checkpoint in human readable form * checkpoint files / file type outputs * file downloads working for block outputs * checkpoint file download * fix type issues * remove filereference interface with simpler user file interface * show files in the tag dropdown for start block * more migration to simple url object, reduce presigned time to 5 min * Remove migration 0065_parallel_nightmare and related files - Deleted apps/sim/db/migrations/0065_parallel_nightmare.sql - Deleted apps/sim/db/migrations/meta/0065_snapshot.json - Removed 0065 entry from apps/sim/db/migrations/meta/_journal.json Preparing for merge with origin/staging and migration regeneration * add migration files * fix tests * Update apps/sim/lib/uploads/setup.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * Update apps/sim/lib/workflows/execution-file-storage.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * Update apps/sim/lib/workflows/execution-file-storage.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * cleanup types * fix lint * fix logs typing for file refs * open download in new tab * fixed * Update apps/sim/tools/index.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * fix file block * cleanup unused code * fix bugs * remove hacky file id logic * fix drag and drop * fix tests --------- Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * feat(trigger-mode): added trigger-mode to workflow_blocks table (#902) * fix(schedules-perms): use regular perm system to view/edit schedule info (#901) * fix(schedules-perms): use regular perm system to view schedule info * fix perms * improve logging * cleanup * prevent tooltip showing up on modal open * updated trigger config * fix type issues --------- Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com> Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai> * fix(helm): fix helm charts migrations using wrong image (#907) * fix(helm): fix helm charts migrations using wrong image * fixed migrations * feat(whitelist): add email & domain-based whitelisting for signups (#908) * improvement(helm): fix duplicate SOCKET_SERVER_URL and add additional envvars to template (#909) * improvement(helm): fix duplicate SOCKET_SERVER_URL and add additional envvars to template * rm serper & freestyle * improvement(tag-dropdown): typed tag dropdown values (#910) * fix(min-chunk): remove minsize for chunk (#911) * fix(min-chunk): remove minsize for chunk * fix tests * improvement(chunk-config): migrate unused default for consistency (#913) * fix(mailer): update mailer to use the EMAIL_DOMAIN (#914) * fix(mailer): update mailer to use the EMAIL_DOMAIn * add more * Improvement(cc): added cc to gmail and outlook (#900) * changed just gmail * bun run lint * fixed bcc * updated docs --------- Co-authored-by: Adam Gough <adamgough@Mac.attlocal.net> Co-authored-by: waleedlatif1 <walif6@gmail.com> * fix(email-validation): add email validation to prevent bouncing, fixed OTP validation (#916) * feat(email-validation): add email validation to prevent bouncing * removed suspicious patterns * fix(verification): fixed OTP verification * fix failing tests, cleanup * fix(otp): fix email not sending (#917) * fix(email): manual OTP instead of better-auth (#921) * fix(email): manual OTP instead of better-auth * lint --------- Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com> Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai> Co-authored-by: Adam Gough <77861281+aadamgough@users.noreply.github.com> Co-authored-by: Adam Gough <adamgough@Mac.attlocal.net>
arenadeveloper02
pushed a commit
to arenadeveloper02/p2-sim
that referenced
this pull request
Sep 19, 2025
* fix(email): manual OTP instead of better-auth * lint
arenadeveloper02
pushed a commit
to arenadeveloper02/p2-sim
that referenced
this pull request
Sep 19, 2025
…ypes (simstudioai#919) * feat(execution-filesystem): system to pass files between blocks (simstudioai#866) * feat(files): pass files between blocks * presigned URL for downloads * Remove latest migration before merge * starter block file upload wasn't getting logged * checkpoint in human readable form * checkpoint files / file type outputs * file downloads working for block outputs * checkpoint file download * fix type issues * remove filereference interface with simpler user file interface * show files in the tag dropdown for start block * more migration to simple url object, reduce presigned time to 5 min * Remove migration 0065_parallel_nightmare and related files - Deleted apps/sim/db/migrations/0065_parallel_nightmare.sql - Deleted apps/sim/db/migrations/meta/0065_snapshot.json - Removed 0065 entry from apps/sim/db/migrations/meta/_journal.json Preparing for merge with origin/staging and migration regeneration * add migration files * fix tests * Update apps/sim/lib/uploads/setup.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * Update apps/sim/lib/workflows/execution-file-storage.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * Update apps/sim/lib/workflows/execution-file-storage.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * cleanup types * fix lint * fix logs typing for file refs * open download in new tab * fixed * Update apps/sim/tools/index.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * fix file block * cleanup unused code * fix bugs * remove hacky file id logic * fix drag and drop * fix tests --------- Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * feat(trigger-mode): added trigger-mode to workflow_blocks table (simstudioai#902) * fix(schedules-perms): use regular perm system to view/edit schedule info (simstudioai#901) * fix(schedules-perms): use regular perm system to view schedule info * fix perms * improve logging * feat(webhooks): deprecate singular webhook block + add trigger mode to blocks (simstudioai#903) * feat(triggers): added new trigger mode for blocks, added socket event, ran migrations * Rename old trigger/ directory to background/ * cleaned up, ensured that we display active webhook at the block-level * fix submenu in tag dropdown * keyboard nav on tag dropdown submenu * feat(triggers): add outlook to new triggers system * cleanup * add types to tag dropdown, type all outputs for tools and use that over block outputs * update doc generator to truly reflect outputs * fix docs * add trigger handler * fix active webhook tag * tag dropdown fix for triggers * remove trigger mode schema change * feat(execution-filesystem): system to pass files between blocks (simstudioai#866) * feat(files): pass files between blocks * presigned URL for downloads * Remove latest migration before merge * starter block file upload wasn't getting logged * checkpoint in human readable form * checkpoint files / file type outputs * file downloads working for block outputs * checkpoint file download * fix type issues * remove filereference interface with simpler user file interface * show files in the tag dropdown for start block * more migration to simple url object, reduce presigned time to 5 min * Remove migration 0065_parallel_nightmare and related files - Deleted apps/sim/db/migrations/0065_parallel_nightmare.sql - Deleted apps/sim/db/migrations/meta/0065_snapshot.json - Removed 0065 entry from apps/sim/db/migrations/meta/_journal.json Preparing for merge with origin/staging and migration regeneration * add migration files * fix tests * Update apps/sim/lib/uploads/setup.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * Update apps/sim/lib/workflows/execution-file-storage.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * Update apps/sim/lib/workflows/execution-file-storage.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * cleanup types * fix lint * fix logs typing for file refs * open download in new tab * fixed * Update apps/sim/tools/index.ts Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * fix file block * cleanup unused code * fix bugs * remove hacky file id logic * fix drag and drop * fix tests --------- Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> * feat(trigger-mode): added trigger-mode to workflow_blocks table (simstudioai#902) * fix(schedules-perms): use regular perm system to view/edit schedule info (simstudioai#901) * fix(schedules-perms): use regular perm system to view schedule info * fix perms * improve logging * cleanup * prevent tooltip showing up on modal open * updated trigger config * fix type issues --------- Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com> Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai> * fix(helm): fix helm charts migrations using wrong image (simstudioai#907) * fix(helm): fix helm charts migrations using wrong image * fixed migrations * feat(whitelist): add email & domain-based whitelisting for signups (simstudioai#908) * improvement(helm): fix duplicate SOCKET_SERVER_URL and add additional envvars to template (simstudioai#909) * improvement(helm): fix duplicate SOCKET_SERVER_URL and add additional envvars to template * rm serper & freestyle * improvement(tag-dropdown): typed tag dropdown values (simstudioai#910) * fix(min-chunk): remove minsize for chunk (simstudioai#911) * fix(min-chunk): remove minsize for chunk * fix tests * improvement(chunk-config): migrate unused default for consistency (simstudioai#913) * fix(mailer): update mailer to use the EMAIL_DOMAIN (simstudioai#914) * fix(mailer): update mailer to use the EMAIL_DOMAIn * add more * Improvement(cc): added cc to gmail and outlook (simstudioai#900) * changed just gmail * bun run lint * fixed bcc * updated docs --------- Co-authored-by: Adam Gough <adamgough@Mac.attlocal.net> Co-authored-by: waleedlatif1 <walif6@gmail.com> * fix(email-validation): add email validation to prevent bouncing, fixed OTP validation (simstudioai#916) * feat(email-validation): add email validation to prevent bouncing * removed suspicious patterns * fix(verification): fixed OTP verification * fix failing tests, cleanup * fix(otp): fix email not sending (simstudioai#917) * fix(email): manual OTP instead of better-auth (simstudioai#921) * fix(email): manual OTP instead of better-auth * lint --------- Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com> Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai> Co-authored-by: Adam Gough <77861281+aadamgough@users.noreply.github.com> Co-authored-by: Adam Gough <adamgough@Mac.attlocal.net>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
manual OTP instead of better-auth
Type of Change
Testing
Tested manually.
Checklist