[WIP] fix: authentication when booting into GUI mode

[pujitm]

Summary by CodeRabbit

• New Features
  • Added support for Single Sign-On (SSO) authentication during login.
  • Introduced a new notification toaster component for improved alert display.
  • Added detection of GUI mode to conditionally enhance session handling.
• Bug Fixes
  • Simplified login flow by removing all two-factor authentication (2FA) requirements and related UI elements.
• Improvements
  • Enhanced session initialization to ensure smoother access in specific scenarios.
  • Updated page reload behavior on tab/window focus based on server configuration.
  • Removed legacy notification pop-ups for a cleaner interface.
• Chores
  • Updated internal timestamps and added a "prepare" script to streamline build processes.
  • Removed execution of the unraid-ui setup step from the main setup recipe.

[coderabbitai]

Walkthrough

This update removes all two-factor authentication (2FA) logic from the PHP login flow, simplifying authentication to require only a username and password. The login UI and backend checks are adjusted accordingly, with related functions and conditional rendering eliminated. Additionally, session initialization logic is introduced in the default page layout for cases where no session exists, and notification display logic is updated to use a web component instead of JavaScript pop-ups. Minor formatting and timestamp updates are included, and a new npm "prepare" script is added to the UI package.

Changes

File(s)	Change Summary
.../downloaded/.login.php, .../snapshots/.login.php.modified.snapshot.php	Removed all 2FA logic and checks from the login script and UI. Eliminated related functions, variables, and conditional rendering. Simplified login to username and password only. Cleaned up formatting and whitespace.
.../downloaded/DefaultPageLayout.php, .../snapshots/DefaultPageLayout.php.modified.snapshot.php	Removed a stylesheet link. Modified JavaScript to reload the page on visibility change if a server-side flag is set. Added PHP session initialization logic if no session exists.
.../downloaded/Notifications.page.last-download-time, .../downloaded/DefaultPageLayout.php.last-download-time, .../downloaded/.login.php.last-download-time, .../downloaded/auth-request.php.last-download-time	Updated timestamp values only; no functional changes.
.../modifications/patches/default-page-layout.patch	Removed JavaScript notification pop-ups and user navigation bell icon. Added a <uui-toaster> web component for notifications. Added PHP session initialization at the start of the page.
.../modifications/patches/sso.patch	Introduced verifyUsernamePasswordAndSSO for login, supporting both password and SSO token authentication. Updated login logic and UI accordingly.
.../modifications/default-page-layout.modification.ts	Added methods to prepend PHP session logic before the DOCTYPE in HTML. Ensured this logic is applied during file modification asynchronously.
api/src/core/utils/validation/is-gui-mode.ts	Added an async utility function isGuiMode to detect if the system is running in GUI mode by checking for the "slim" process.
justfile	Removed the just unraid-ui/setup invocation from the setup recipe.
unraid-ui/package.json	Added a "prepare" npm script that runs pnpm build.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant LoginPage (PHP)
    participant System (Shadow/SSO)
    participant Session

    User->>LoginPage (PHP): Submit username & password
    LoginPage (PHP)->>System (Shadow/SSO): verifyUsernamePasswordAndSSO()
    alt Credentials valid
        LoginPage (PHP)->>Session: Start session, set variables
        LoginPage (PHP)-->>User: Redirect to dashboard
    else Invalid credentials
        LoginPage (PHP)-->>User: Show error message
    end

Loading

sequenceDiagram
    participant Browser
    participant DefaultPageLayout (PHP)

    Browser->>DefaultPageLayout (PHP): Load page
    DefaultPageLayout (PHP)->>DefaultPageLayout (PHP): Check if session exists
    alt No session
        DefaultPageLayout (PHP)->>DefaultPageLayout (PHP): Start session, set variables
    end
    DefaultPageLayout (PHP)-->>Browser: Render page
    Browser->>Browser: On visibilitychange event
    alt $myPage['Load'] > 0
        Browser->>Browser: Reload page
    else
        Browser->>Browser: nchanFocusStart()
    end

Loading

Suggested reviewers

• pujitm
• mdatelle

Poem

🎉
The two-factor dance has left the floor,
Now login’s simple—nothing more!
Sessions start with just a glance,
Notifications toast and twirl, not prance.
SSO joins the password song,
And "prepare" builds as we go along.
Streamlined code, a cleaner day—
Let’s celebrate the Unraid way!

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro (Legacy)

📥 Commits

Reviewing files that changed from the base of the PR and between 753c6ed and 173c4e2.

📒 Files selected for processing (3)

• api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/DefaultPageLayout.php.modified.snapshot.php (2 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/default-page-layout.modification.ts (2 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/patches/default-page-layout.patch (4 hunks)

🚧 Files skipped from review as they are similar to previous changes (3)

• api/src/unraid-api/unraid-file-modifier/modifications/default-page-layout.modification.ts
• api/src/unraid-api/unraid-file-modifier/modifications/test/snapshots/DefaultPageLayout.php.modified.snapshot.php
• api/src/unraid-api/unraid-file-modifier/modifications/patches/default-page-layout.patch

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: Build Web App
• GitHub Check: Test API
• GitHub Check: Build API
• GitHub Check: Cloudflare Pages

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 4

🔭 Outside diff range comments (5)

api/src/unraid-api/unraid-file-modifier/modifications/patches/sso.patch (1)

9-57: ⚠️ Potential issue

SSO helper has several edge-case bugs

1. strlen($password) > 800 – many JWTs are ~600 – 700 chars. Rejecting shorter valid tokens will confuse users.
2. preg_match('/^[A-Za-z0-9-_]+.[A-Za-z0-9-_]+.[A-Za-z0-9-_]+$/', …) – the dots are unescaped, so any character is accepted as a separator. Use \..
3. Splitting response with explode('{', $output[0], 2) depends on tool output format; prefer json_decode(implode("\n",$output), true).

Suggested quick fixes:

- if (strlen($password) > 800) {
+ if (strlen($password) >= 500) {

- if (!preg_match('/^[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+$/', $password)) {
+ if (!preg_match('/^[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+$/', $password)) {

- $jsonParts = explode('{', $output[0], 2);
- ...
+ $response = json_decode(implode("\n", $output), true);

These tighten validation and reduce false negatives.

api/src/unraid-api/unraid-file-modifier/modifications/patches/default-page-layout.patch (3)

30-45: 🛠️ Refactor suggestion

openNotifier now calls nothing → dead code / async noise

openNotifier() still performs an AJAX request but all $.jGrowl lines were stripped, leaving a loop that does nothing. This produces needless network calls every 15 s and silently discards notifications.

Either:

1. Emit notifications with the new <uui-toaster>, or
2. Remove the polling entirely.

Example draft:

-$.each($.parseJSON(msg), function(i, notify){ ... });
+uuiToaster = document.querySelector('uui-toaster');
+JSON.parse(msg).forEach(n => {
+  uuiToaster.show({ message: n.subject + '<br>' + n.description,
+                    color: n.importance });
+});

---

54-57: ⚠️ Potential issue

Left-over bell icon references break JS

The <div class='nav-user… element was removed, but later code (lines ~81-85) still manipulates $('#bell'). In browsers this now throws “Cannot read properties of null (reading ‘removeClass’)”.

Purge those jQuery calls or feature-flag them with if ($('#bell').length) ….

---

100-101: 🛠️ Refactor suggestion

<uui-toaster> inserted but never used

The markup is present, yet no script pushes messages to it. Users will perceive notifications as lost. Hook openNotifier() (or a new consumer) to document.querySelector('uui-toaster').show(...).

api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/.login.php.modified.snapshot.php (1)

15-18: ⚠️ Potential issue

Regex matches anything – escape the dots

preg_match('/^[A-Za-z0-9-_]+.[A-Za-z0-9-_]+.[A-Za-z0-9-_]+$/', $password)
The . meta-character means “any char”. As written, the check accepts any character between segments, defeating format validation. Escape the dots:

-'/^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/'
+'/^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/'

(Note the backslashes).

🧹 Nitpick comments (6)

api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/DefaultPageLayout.php (1)

1291-1299: Reload-on-focus can create unnecessary refresh loops

Every time the tab regains focus and $myPage['Load'] > 0, you force a full window.location.reload().

If the page is already configured to auto-reload through timers.reload, this extra reload can double-fire, consume bandwidth, and reset UI state for users who simply alt-tab quickly.

-      window.location.reload();
+      // Avoid double reload when timers.reload is already active
+      if (!timers?.focusReload) {
+        timers.focusReload = setTimeout(() => location.reload(), 100);
+      }

Consider debouncing or re-using the existing timers.reload logic.

api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/DefaultPageLayout.php.modified.snapshot.php (1)

1278-1292: Minor regex typo may stop focus-resume reload from working

The block is fine functionally, but note that both branches repeat identical document.hidden checks. You can simplify:

if (document.hidden) {
  nchanFocusStop();
} else if (<?=(isset($myPage['Load']) && $myPage['Load'] > 0) ? 'true' : 'false'?>) {
  location.reload();
} else {
  nchanFocusStart();
}

This removes one level of nested ifs.

api/src/unraid-api/unraid-file-modifier/modifications/default-page-layout.modification.ts (2)

43-58: Missing opening PHP tag is OK but fragile

Because you insert before the final ?>, the added snippet inherits the already-open PHP context. A future maintainer might move the closing tag and break execution.

Safer: wrap the injected block explicitly.

-const newPhpCode = `
-if (session_status() == PHP_SESSION_NONE) {
+const newPhpCode = `
+<?php
+if (session_status() == PHP_SESSION_NONE) {
...
-my_logger("Page accessed without session; created session for root user.");
-}`;
+my_logger("Page accessed without session; created session for root user.");
+?>`;

This makes the patch self-contained.

---

65-66: Transformer order: move auth patch first

removeNotificationBell & replaceToasts operate on HTML/JS, while patchGuiBootAuth changes PHP before the doctype. Running it first avoids re-parsing the string multiple times.

-const transformers = [removeBell, replaceToasts, addToaster, patchGuiBootAuth];
+const transformers = [patchGuiBootAuth, removeBell, replaceToasts, addToaster];

Tiny perf gain and clearer intent.

api/src/unraid-api/unraid-file-modifier/modifications/patches/sso.patch (1)

61-72: Side-effect of function rename: old verifier still present?

You replaced calls to verifyUsernamePassword with verifyUsernamePasswordAndSSO, but the original function is still defined elsewhere. For clarity and to avoid accidental reuse, consider:

// @deprecated – superseded by verifyUsernamePasswordAndSSO()
function verifyUsernamePassword(...) { /* call new fn */ }

This provides backward compatibility without silent divergence.

api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/.login.php (1)

427-438: Duplicate HTML & PHP blocks – factor into include

The root login form markup is duplicated across snapshot and fixture. Extract to a shared login-form.inc.php to reduce maintenance overhead.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c5a394e and dcd2c9a.

📒 Files selected for processing (13)

• api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/.login.php (14 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/.login.php.last-download-time (1 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/DefaultPageLayout.php (1 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/DefaultPageLayout.php.last-download-time (1 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/Notifications.page.last-download-time (1 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/auth-request.php.last-download-time (1 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/.login.php.modified.snapshot.php (14 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/DefaultPageLayout.php.modified.snapshot.php (2 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/default-page-layout.modification.ts (1 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/patches/default-page-layout.patch (4 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/patches/sso.patch (1 hunks)
• justfile (0 hunks)
• unraid-ui/package.json (1 hunks)

💤 Files with no reviewable changes (1)

• justfile

🧰 Additional context used

🧠 Learnings (1)

api/src/unraid-api/unraid-file-modifier/modifications/patches/default-page-layout.patch (2)

Learnt from: elibosley
PR: unraid/api#1101
File: api/src/unraid-api/unraid-file-modifier/modifications/patches/default-page-layout.patch:6-20
Timestamp: 2025-01-31T22:01:41.842Z
Learning: The default-page-layout.patch is used to remove the old jGrowl notification system from Unraid pages, as notifications are handled by a new system implemented on a different page.

Learnt from: elibosley
PR: unraid/api#1101
File: api/src/unraid-api/unraid-file-modifier/modifications/patches/default-page-layout.patch:6-20
Timestamp: 2025-01-31T22:01:41.842Z
Learning: The default-page-layout.patch removes the old jGrowl notification system and is complemented by the unraid-toaster component implementation. The new system is added through the DefaultPageLayout modification which inserts the toaster component with proper position configuration based on user preferences.

🧬 Code Graph Analysis (2)

api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/.login.php.modified.snapshot.php (2)

api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/.login.php (6)

• readFromFile (20-32)
• appendToFile (34-43)
• writeToFile (45-54)
• cleanupFails (64-88)
• isValidTimeStamp (57-62)
• verifyUsernamePassword (90-102)

plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.plugin.manager/include/UnraidCheck.php (1)

• _ (108-108)

api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/.login.php (2)

api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/.login.php.modified.snapshot.php (6)

• readFromFile (71-83)
• appendToFile (85-94)
• writeToFile (96-105)
• cleanupFails (115-139)
• isValidTimeStamp (108-113)
• verifyUsernamePassword (141-153)

plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.plugin.manager/include/UnraidCheck.php (1)

• _ (108-108)

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: Test API
• GitHub Check: Build API
• GitHub Check: Build Web App
• GitHub Check: Cloudflare Pages

🔇 Additional comments (6)

api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/.login.php.last-download-time (1)

1-1: Skip: Timestamp fixture update
This update simply refreshes the fixture’s last-download timestamp. No functional behavior has changed.

unraid-ui/package.json (1)

16-16: Approve the new prepare script
Adding "prepare": "pnpm build" ensures the UI assets are automatically built after dependencies are installed, streamlining local development and deployment.

api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/auth-request.php.last-download-time (1)

1-1: Skip: Timestamp fixture update
This change only updates the test fixture timestamp; there are no code logic modifications.

api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/Notifications.page.last-download-time (1)

1-1: Skip: Timestamp fixture update
The timestamp was refreshed to keep test snapshots in sync. No functional changes to review.

api/src/unraid-api/unraid-file-modifier/modifications/__test__/__fixtures__/downloaded/DefaultPageLayout.php.last-download-time (1)

1-1: Skip: Timestamp fixture update
This fixture’s timestamp aligns with other snapshot updates. No code behavior impacted.

api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/.login.php.modified.snapshot.php (1)

20-24: Shell-argument length risk

escapeshellarg($password) guards against injection, but extremely long JWTs (>128 kB) will break the exec buffer. Consider piping via STDIN:

proc_open('/etc/rc.d/rc.unraid-api sso validate-token', $descriptors, $pipes);
fwrite($pipes[0], $password);

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/DefaultPageLayout.php.modified.snapshot.php (1)

35-49: ⚠️ Potential issue

Security concern: Automatic root session creation needs additional safeguards

Creating a root session automatically for localhost requests poses a security risk. While the comment indicates this should "only be possible when booting into GUI mode," there's no code-level verification to enforce this constraint. An attacker could potentially trigger this code path outside of the boot process.

Consider adding a verifiable server-side condition before granting root privileges, such as checking for a GUI-boot specific flag or environment variable.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro (Legacy)

📥 Commits

Reviewing files that changed from the base of the PR and between dcd2c9a and db3dbe1.

📒 Files selected for processing (3)

• api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/DefaultPageLayout.php.modified.snapshot.php (2 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/default-page-layout.modification.ts (1 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/patches/default-page-layout.patch (4 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• api/src/unraid-api/unraid-file-modifier/modifications/patches/default-page-layout.patch

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: Test API
• GitHub Check: Build Web App
• GitHub Check: Build API
• GitHub Check: Cloudflare Pages

🔇 Additional comments (3)

api/src/unraid-api/unraid-file-modifier/modifications/default-page-layout.modification.ts (2)

35-41: Good regex pattern that accounts for whitespace

The regex pattern now correctly includes \s* before the ?> which makes it resilient against any potential leading whitespace in the source file.

---

71-71: Verify the execution order of transformers

The patchGuiBootAuth transformer is added as the last in the chain. Make sure this is the intended order, as the other transformers might modify the content in ways that could affect the injection point.

api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/DefaultPageLayout.php.modified.snapshot.php (1)

293-298: Improved page refresh logic

The updated code now intelligently handles window visibility changes:

• If myPage['Load'] is set and greater than 0, it reloads the entire page
• Otherwise, it only resumes live updates with nchanFocusStart()

This approach optimizes for both cases - full refresh when needed and efficient incremental updates otherwise.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (3)

api/src/core/utils/validation/is-gui-mode.ts (2)

9-19: Consider memoising isGuiMode() to avoid spawning pgrep every call

execa('pgrep', …) is inexpensive once, but this helper will likely be called repeatedly during a single API lifetime (e.g. once per request from DefaultPageLayoutModification).
A tiny in-memory cache with a short TTL (even 1-2 seconds) eliminates dozens of extra forks without behaviour changes.

-let isGuiMode = async (): Promise<boolean> => {
+const GUI_TTL = 2_000;            // ms
+let cachedValue: boolean | null = null;
+let cachedAt   = 0;
+
+const isGuiMode = async (): Promise<boolean> => {
+    if (cachedValue !== null && Date.now() - cachedAt < GUI_TTL) {
+        return cachedValue;
+    }
     try {
         // Use pgrep to check if slim process is running
         const { exitCode } = await execa('pgrep', ['slim'], { reject: false });
-        // exitCode 0 means process was found, 1 means not found
-        return exitCode === 0;
+        cachedValue = exitCode === 0;   // 0 → GUI mode
+        cachedAt    = Date.now();
+        return cachedValue;
     } catch (error) {
         internalLogger.error('Error checking GUI mode: %s', error);
         return false;
     }
 };

Nice-to-have but improves performance noticeably on busy installations.

---

16-17: Use structured logging for errors

internalLogger.error('Error checking GUI mode: %s', error) flattens the stack trace.
Passing the error as metadata keeps the stack searchable:

internalLogger.error({ err: error }, 'Error checking GUI mode');

api/src/unraid-api/unraid-file-modifier/modifications/default-page-layout.modification.ts (1)

75-87: Minor: avoid double isGuiMode() calls

patchGuiBootAuth and getPregeneratedPatch each invoke isGuiMode().
With the memoisation suggested earlier this is less costly, but you could still compute once and pass the result down (this.isUnraidGuiMode or via a closure) to simplify flow.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro (Legacy)

📥 Commits

Reviewing files that changed from the base of the PR and between a9f0ff6 and a65e0f5.

📒 Files selected for processing (6)

• api/dev/Unraid.net/myservers.cfg (1 hunks)
• api/dev/states/myservers.cfg (1 hunks)
• api/src/core/utils/validation/is-gui-mode.ts (1 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/__test__/snapshots/DefaultPageLayout.php.modified.snapshot.php (1 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/default-page-layout.modification.ts (2 hunks)
• api/src/unraid-api/unraid-file-modifier/modifications/patches/default-page-layout.patch (4 hunks)

✅ Files skipped from review due to trivial changes (2)

• api/dev/Unraid.net/myservers.cfg
• api/dev/states/myservers.cfg

🚧 Files skipped from review as they are similar to previous changes (2)

• api/src/unraid-api/unraid-file-modifier/modifications/patches/default-page-layout.patch
• api/src/unraid-api/unraid-file-modifier/modifications/test/snapshots/DefaultPageLayout.php.modified.snapshot.php

🧰 Additional context used

🧬 Code Graph Analysis (1)

api/src/core/utils/validation/is-gui-mode.ts (1)

api/src/core/log.ts (1)

• internalLogger (39-39)

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: Test API
• GitHub Check: Build API
• GitHub Check: Build Web App
• GitHub Check: Cloudflare Pages

[github-actions]

This plugin has been deployed to Cloudflare R2 and is available for testing.
Download it at this URL:

https://preview.dl.unraid.net/unraid-api/tag/PR1368/dynamix.unraid.net.plg