fix: improve auth UI customization options in react sdk

[Nitin-kumar-yadav1307]

🚀 Pull Request Description

Fixes #297

Summary

This PR improves the customization capabilities of the React SDK authentication UI by removing several hardcoded behaviors and introducing configurable branding and authentication options.

The goal is to provide a more flexible and production-ready authentication experience while maintaining backward compatibility through sensible defaults.

---

📋 Changes Made

Authentication Provider Customization

Added support for enabling or disabling authentication providers independently:

• Enable or disable GitHub authentication
• Enable or disable Google authentication
• Enable or disable email/password authentication
• Support email/password-only authentication flows

Branding & Theme Customization

Added support for authentication UI branding customization:

• Custom application/brand name
• Custom logo support
• Custom theme colors
• Improved white-label authentication experience

Custom Labels & Text

Added support for overriding default authentication UI text:

• Custom sign-in titles
• Custom sign-up titles
• Custom labels and messaging
• Application-specific authentication copy

Demo Application Update

Updated the React SDK demo application to demonstrate the new customization capabilities.

---

📁 Files Changed

Source Changes

• sdks/urbackend-react/src/components/UrAuth.tsx
• examples/react-sdk-demo/src/App.tsx

Build Output

• sdks/urbackend-react/dist/index.d.mts
• sdks/urbackend-react/dist/index.d.ts
• sdks/urbackend-react/dist/index.js
• sdks/urbackend-react/dist/index.js.map
• sdks/urbackend-react/dist/index.mjs
• sdks/urbackend-react/dist/index.mjs.map

Dependency Updates

• package-lock.json

---

🧪 Testing & Validation

• Built the React SDK successfully
• Verified authentication provider toggles work correctly
• Verified branding customization renders correctly
• Verified custom labels and titles are displayed properly
• Confirmed existing behavior remains unchanged when customization options are not provided

---

🔄 Backward Compatibility

This change is fully backward compatible.

All new customization options are optional and default to the existing behavior, ensuring that current integrations continue to work without modification.

---

💡 Motivation

The authentication UI was previously too rigid for many real-world applications. Developers could not customize authentication providers, branding, colors, or authentication text, making the SDK less flexible for production use.

This PR addresses those limitations by introducing configurable authentication providers, branding options, theme customization, and custom labels while preserving the existing developer experience.

Summary by CodeRabbit

• New Features

  • Auth UI now accepts configurable providers (enable/disable specific methods), branding (logo, app name, primary color), light/dark theming, and customizable text labels.

• Bug Fixes

  • Safer avatar rendering (checks for non-empty URL) and more reliable sign-out handling in protected views.

• Tests

  • Updated/added tests for auth customization, branding, provider visibility, and reset-password selection.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 9b9b5ad4-c0c5-42ac-a2ea-55c7d624a892

📥 Commits

Reviewing files that changed from the base of the PR and between 9e67758 and e6dd9aa.

📒 Files selected for processing (1)

• examples/react-sdk-demo/src/App.tsx

🚧 Files skipped from review as they are similar to previous changes (1)

• examples/react-sdk-demo/src/App.tsx

---

📝 Walkthrough

Walkthrough

Adds provider, theme, branding, and label configuration to UrAuth; refactors styling to use computed theme/colors; updates demo to use new props and useAuth logout; and expands tests for provider/branding/label-driven behaviors.

Changes

Configurable Authentication UI

Layer / File(s)	Summary
Configuration types and UrAuthProps interface sdks/urbackend-react/src/components/UrAuth.tsx	Introduces AuthProvider, ThemeMode, AuthColors, AuthBranding, and AuthLabels types; expands UrAuthProps with providers (flexible array or boolean object), enableEmailPassword, theme, colors, branding, and labels for developer-driven customization.
Label merging and auth method derivation sdks/urbackend-react/src/components/UrAuth.tsx	Merges default labels with custom labels (supporting aliases like signInTitle/loginTitle), computes themeColors and primaryColor, derives booleans for each auth method, and adds useEffect hooks to surface auth hook errors via toast and reset mode when password auth is disabled.
Theme-driven styling system sdks/urbackend-react/src/components/UrAuth.tsx	Refactors inline styles to use computed themeColors and primaryColor; updates wrapper, header, branding, logo, input, button, divider, and footer styling to be theme-aware and colors-dependent.
Conditional component rendering with helpers sdks/urbackend-react/src/components/UrAuth.tsx	Implements renderSocialButtons helper to show Google/GitHub conditionally, makes GitHub icon fill theme-dependent, integrates Toast with isDark derived from theme, and adds conditional branding header and gated auth mode switcher.
Main render tree with label-driven UI sdks/urbackend-react/src/components/UrAuth.tsx	Reworks render output: switcher buttons use merged labels, forgot/reset screens show themed titles/subtitles, no-methods fallback added, password form fields conditional and label-driven, forgot-password link mode-specific, submit button and footer prompt labels derived from merged text.
Demo app integration examples/react-sdk-demo/src/App.tsx	Imports useAuth, configures UrAuth with enabled providers, branding (app name, logo, primary color), and custom labels; switches dashboard logout handling to useAuth hook and only renders avatar <img> when user.avatarUrl is a non-empty string.
Test coverage for customization sdks/urbackend-react/tests/UrAuth.test.tsx	Adds tests validating primary color application, provider-based conditional rendering (email, Google, GitHub, and no-methods state), label/alias customization, branding logo rendering with image src, and updates forgot-password test to handle multiple matches.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• geturbackend/urBackend#242: Overlaps with React SDK UrAuth changes (provider rendering, mode handling, tests).

Suggested labels

feature, level:intermediate, type:refactor, mentor:yash-pouranik

Suggested reviewers

• yash-pouranik

Poem

🐰 A rabbit's ode to customization

Buttons bloom in hues both new and bright,
Providers gather, ready for flight.
Labels murmur what users should see,
Branding hops in — login feels free. 🥕

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Out of Scope Changes check	⚠️ Warning	Changes are aligned with #297 scope. However, an unresolved safety issue exists: App.tsx uses an unsafe cast for avatarUrl instead of a runtime type check.	Replace the unsafe 'as string' cast with a runtime check: typeof user?.avatarUrl === 'string' before rendering the src attribute.
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title accurately describes the main objective: improving auth UI customization options in the React SDK.
Linked Issues check	✅ Passed	The PR successfully implements all coding requirements from #297: provider toggling, email/password-only mode, theme colors, branding support, and custom labels with backward compatibility.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (3)

sdks/urbackend-react/src/components/UrAuth.tsx (3)

586-605: ⚡ Quick win

Useless ternary - both branches are identical.

Line 589: {mode === 'reset' ? text.passwordLabel : text.passwordLabel} evaluates to the same value regardless of condition. Simplify to just {text.passwordLabel}.

Suggested fix

-                  <label style={styles.label}>{mode === 'reset' ? text.passwordLabel : text.passwordLabel}</label>
+                  <label style={styles.label}>{text.passwordLabel}</label>

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@sdks/urbackend-react/src/components/UrAuth.tsx` around lines 586 - 605, The
label rendering in UrAuth.tsx uses a redundant ternary expression `{mode ===
'reset' ? text.passwordLabel : text.passwordLabel}` inside the component's JSX;
replace the ternary with the plain value `text.passwordLabel` to simplify the
code where the password label is rendered (within the conditional block that
checks `(mode === 'signin' || mode === 'signup' || mode === 'reset')`), leaving
the surrounding JSX (including the signin-only forgot button that calls
`setMode('forgot')` and `clearError()`) unchanged.

---

491-511: ⚡ Quick win

Header condition is always true due to fallback values.

headerTitle and headerSubtitle always have values (via fallback chain to 'urBackend' and mode-based text). This makes the condition || headerTitle || headerSubtitle always true, so the header is always rendered.

If the header should always render, simplify by removing the condition. If it should only render when branding is explicitly provided, remove the || headerTitle || headerSubtitle part:

Option A: Always show header (simplify)

-        {(branding?.logo || branding?.brandName || branding?.appName || branding?.title || branding?.subtitle || headerTitle || headerSubtitle) && (
-          <div style={styles.header}>
+        <div style={styles.header}>

Option B: Only show when branding provided

-        {(branding?.logo || branding?.brandName || branding?.appName || branding?.title || branding?.subtitle || headerTitle || headerSubtitle) && (
+        {(branding?.logo || branding?.brandName || branding?.appName || branding?.title || branding?.subtitle) && (

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@sdks/urbackend-react/src/components/UrAuth.tsx` around lines 491 - 511, The
current render condition always evaluates to true because headerTitle and
headerSubtitle are never empty; update the logic in the JSX that controls the
header (the conditional wrapping the <div style={styles.header}> block) to match
intended behavior: either simplify by removing the entire condition so the
header always renders, or restrict rendering to explicit branding by removing
"|| headerTitle || headerSubtitle" from the boolean expression so it only shows
when branding?.logo, branding?.brandName, branding?.appName, branding?.title, or
branding?.subtitle are present; adjust references to headerTitle/headerSubtitle
accordingly in the block that renders brandRow, brandLogo, brandTitle, and
brandSubtitle.

---

354-366: ⚡ Quick win

Useless ternary in gradient - both branches are identical.

The ternary ${theme === 'dark' ? '#111111' : '#111111'} always evaluates to '#111111'. If both themes should use the same value, remove the ternary. If different themes need different gradient endpoints, fix the values.

Suggested fix (assuming same value for both themes)

-      background: `linear-gradient(180deg, ${primaryColor} 0%, ${theme === 'dark' ? '`#111111`' : '`#111111`'} 100%)`,
+      background: `linear-gradient(180deg, ${primaryColor} 0%, `#111111` 100%)`,

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@sdks/urbackend-react/src/components/UrAuth.tsx` around lines 354 - 366, The
gradient background in the style object inside UrAuth uses an unnecessary
ternary (`${theme === 'dark' ? '`#111111`' : '`#111111`'}`) that always yields
'`#111111`'; update the background property in the component (the style block
where background is defined) to either use a single literal value
(`linear-gradient(180deg, ${primaryColor} 0%, `#111111` 100%)`) if both themes
should match, or replace the ternary endpoints with the correct dark/light color
values if they should differ (e.g., use a distinct variable like
themeColors.backgroundDark / themeColors.backgroundLight).

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@examples/react-sdk-demo/src/App.tsx`:
- Line 86: The line forces a string cast on user.avatarUrl which is typed
unknown; instead validate at runtime and only use it when it is actually a
string. In the App component (the JSX rendering that uses user.avatarUrl) remove
the `as string` cast and change the rendering logic to check `typeof
user?.avatarUrl === 'string' && user.avatarUrl` (or use a string
fallback/placeholder) before passing it to the img src so non-string values
aren’t rendered into the src attribute.

In `@sdks/urbackend-react/src/components/UrAuth.tsx`:
- Around line 170-183: When providers is an object the current logic forces
isEmailPasswordEnabled to false when providers.emailPassword is undefined,
ignoring the enableEmailPassword prop; update the object-branch assignment in
the UrAuth component so isEmailPasswordEnabled falls back to the incoming prop
(enableEmailPassword) instead of false (i.e., set isEmailPasswordEnabled =
providers.emailPassword !== undefined ? providers.emailPassword :
enableEmailPassword) while keeping the existing handling for google/github via
providers.google and providers.github.

---

Nitpick comments:
In `@sdks/urbackend-react/src/components/UrAuth.tsx`:
- Around line 586-605: The label rendering in UrAuth.tsx uses a redundant
ternary expression `{mode === 'reset' ? text.passwordLabel :
text.passwordLabel}` inside the component's JSX; replace the ternary with the
plain value `text.passwordLabel` to simplify the code where the password label
is rendered (within the conditional block that checks `(mode === 'signin' ||
mode === 'signup' || mode === 'reset')`), leaving the surrounding JSX (including
the signin-only forgot button that calls `setMode('forgot')` and `clearError()`)
unchanged.
- Around line 491-511: The current render condition always evaluates to true
because headerTitle and headerSubtitle are never empty; update the logic in the
JSX that controls the header (the conditional wrapping the <div
style={styles.header}> block) to match intended behavior: either simplify by
removing the entire condition so the header always renders, or restrict
rendering to explicit branding by removing "|| headerTitle || headerSubtitle"
from the boolean expression so it only shows when branding?.logo,
branding?.brandName, branding?.appName, branding?.title, or branding?.subtitle
are present; adjust references to headerTitle/headerSubtitle accordingly in the
block that renders brandRow, brandLogo, brandTitle, and brandSubtitle.
- Around line 354-366: The gradient background in the style object inside UrAuth
uses an unnecessary ternary (`${theme === 'dark' ? '`#111111`' : '`#111111`'}`) that
always yields '`#111111`'; update the background property in the component (the
style block where background is defined) to either use a single literal value
(`linear-gradient(180deg, ${primaryColor} 0%, `#111111` 100%)`) if both themes
should match, or replace the ternary endpoints with the correct dark/light color
values if they should differ (e.g., use a distinct variable like
themeColors.backgroundDark / themeColors.backgroundLight).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 58a1af5f-09fb-4827-bd59-0301b06a21cb

📥 Commits

Reviewing files that changed from the base of the PR and between 38c4d80 and c1d0fdf.

⛔ Files ignored due to path filters (7)

• package-lock.json is excluded by !**/package-lock.json
• sdks/urbackend-react/dist/index.d.mts is excluded by !**/dist/**
• sdks/urbackend-react/dist/index.d.ts is excluded by !**/dist/**
• sdks/urbackend-react/dist/index.js is excluded by !**/dist/**
• sdks/urbackend-react/dist/index.js.map is excluded by !**/dist/**, !**/*.map
• sdks/urbackend-react/dist/index.mjs is excluded by !**/dist/**
• sdks/urbackend-react/dist/index.mjs.map is excluded by !**/dist/**, !**/*.map

📒 Files selected for processing (3)

• examples/react-sdk-demo/src/App.tsx
• sdks/urbackend-react/src/components/UrAuth.tsx
• sdks/urbackend-react/tests/UrAuth.test.tsx

[Nitin-kumar-yadav1307]

@yash-pouranik

[yash-pouranik]

yh please resolve Coderabbit's comments

[yash-pouranik]

@Nitin-kumar-yadav1307

[Nitin-kumar-yadav1307]

Yes

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)

sdks/urbackend-react/src/components/UrAuth.tsx (3)

156-165: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Allow explicit empty-string overrides for aliased labels.

These alias fallbacks use ||, so '' is treated as “missing.” That makes loginTab, signupTab, loginTitle, signupTitle, loginButton, and signupButton impossible to intentionally blank out, even though this PR is expanding copy customization. Use ?? here so only null/undefined fall back.

Suggested fix

   const text = {
     ...defaultLabels,
     ...labels,
-    loginTab: labels?.signInTab || labels?.loginTab || defaultLabels.loginTab,
-    loginTitle: labels?.signInTitle || labels?.loginTitle || defaultLabels.loginTitle,
-    loginButton: labels?.signInButton || labels?.loginButton || defaultLabels.loginButton,
-    signupTab: labels?.signUpTab || labels?.signupTab || defaultLabels.signupTab,
-    signupTitle: labels?.signUpTitle || labels?.signupTitle || defaultLabels.signupTitle,
-    signupButton: labels?.signUpButton || labels?.signupButton || defaultLabels.signupButton,
+    loginTab: labels?.signInTab ?? labels?.loginTab ?? defaultLabels.loginTab,
+    loginTitle: labels?.signInTitle ?? labels?.loginTitle ?? defaultLabels.loginTitle,
+    loginButton: labels?.signInButton ?? labels?.loginButton ?? defaultLabels.loginButton,
+    signupTab: labels?.signUpTab ?? labels?.signupTab ?? defaultLabels.signupTab,
+    signupTitle: labels?.signUpTitle ?? labels?.signupTitle ?? defaultLabels.signupTitle,
+    signupButton: labels?.signUpButton ?? labels?.signupButton ?? defaultLabels.signupButton,
   };

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@sdks/urbackend-react/src/components/UrAuth.tsx` around lines 156 - 165, The
current construction of the text object uses logical OR (||) for aliased label
fallbacks (e.g., loginTab, loginTitle, loginButton, signupTab, signupTitle,
signupButton) which treats empty strings as missing; change those fallback
expressions to use nullish coalescing (??) so that only null/undefined fall back
to the defaults and explicit empty-string overrides are respected (update the
loginTab/loginTitle/loginButton/signupTab/signupTitle/signupButton expressions
inside the text object to use ?? between labels aliases and defaultLabels).

---

536-543: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Forgot/reset subtitles are still outside the labels API.

The forgot screen reuses text.loginTitle, and the reset screen uses a raw template literal. That leaves these two visible strings uncustomizable even though this PR is expanding label/text overrides for the auth UI. Add dedicated label keys for the forgot/reset subtitles and render them through text like the rest of the screen copy.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@sdks/urbackend-react/src/components/UrAuth.tsx` around lines 536 - 543, The
forgot/reset subtitle strings are not using the labels API; replace the
hardcoded uses of text.loginTitle and the template literal `Enter the code sent
to ${email}` in the JSX block that checks (mode === 'forgot' || mode ===
'reset') so both subtitles come from the text prop (e.g., add and use
text.forgotSubtitle and text.resetSubtitle) and interpolate email into
text.resetSubtitle where needed; update any defaults/provider of text to include
these new keys so the component renders them via text.forgotSubtitle when
mode==='forgot' and text.resetSubtitle when mode==='reset'.

---

353-358: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

The primary CTA still hardcodes black into branded themes.

primaryColor only controls the first gradient stop; the second stop is always #111111. In dark mode that fades into the same color as themeColors.primaryText, so the lower half of the button can lose contrast. It also darkens every custom brand color instead of respecting the configured theme.

Suggested fix

     primaryBtn: {
       width: '100%',
       padding: '14px',
       borderRadius: '0',
-      background: `linear-gradient(180deg, ${primaryColor} 0%, ${theme === 'dark' ? '`#111111`' : '`#111111`'} 100%)`,
+      background: primaryColor,
       color: themeColors.primaryText,
       fontSize: '15px',

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@sdks/urbackend-react/src/components/UrAuth.tsx` around lines 353 - 358, The
gradient for primaryBtn currently hardcodes '`#111111`' as the second stop which
overrides branded colors; update the background declaration in primaryBtn to
stop using '`#111111`' and instead use a proper brand-aware color (e.g., use
primaryColor for both stops or a computed darker/lighter variant of
primaryColor) so the gradient respects the configured theme; if needed add a
small helper to derive a tint/shade from primaryColor and reference that (keep
usage within the primaryBtn style and ensure it no longer references the literal
'`#111111`' and maintains appropriate contrast with themeColors.primaryText).

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@sdks/urbackend-react/src/components/UrAuth.tsx`:
- Around line 156-165: The current construction of the text object uses logical
OR (||) for aliased label fallbacks (e.g., loginTab, loginTitle, loginButton,
signupTab, signupTitle, signupButton) which treats empty strings as missing;
change those fallback expressions to use nullish coalescing (??) so that only
null/undefined fall back to the defaults and explicit empty-string overrides are
respected (update the
loginTab/loginTitle/loginButton/signupTab/signupTitle/signupButton expressions
inside the text object to use ?? between labels aliases and defaultLabels).
- Around line 536-543: The forgot/reset subtitle strings are not using the
labels API; replace the hardcoded uses of text.loginTitle and the template
literal `Enter the code sent to ${email}` in the JSX block that checks (mode ===
'forgot' || mode === 'reset') so both subtitles come from the text prop (e.g.,
add and use text.forgotSubtitle and text.resetSubtitle) and interpolate email
into text.resetSubtitle where needed; update any defaults/provider of text to
include these new keys so the component renders them via text.forgotSubtitle
when mode==='forgot' and text.resetSubtitle when mode==='reset'.
- Around line 353-358: The gradient for primaryBtn currently hardcodes '`#111111`'
as the second stop which overrides branded colors; update the background
declaration in primaryBtn to stop using '`#111111`' and instead use a proper
brand-aware color (e.g., use primaryColor for both stops or a computed
darker/lighter variant of primaryColor) so the gradient respects the configured
theme; if needed add a small helper to derive a tint/shade from primaryColor and
reference that (keep usage within the primaryBtn style and ensure it no longer
references the literal '`#111111`' and maintains appropriate contrast with
themeColors.primaryText).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: eae743e2-f243-467d-86fe-99b7e6316864

📥 Commits

Reviewing files that changed from the base of the PR and between c1d0fdf and 6d6ff1e.

📒 Files selected for processing (2)

• examples/react-sdk-demo/src/App.tsx
• sdks/urbackend-react/src/components/UrAuth.tsx

🚧 Files skipped from review as they are similar to previous changes (1)

• examples/react-sdk-demo/src/App.tsx

[Nitin-kumar-yadav1307]

@yash-pouranik check it out

[yash-pouranik]

Seems good to me.

[yash-pouranik]

have a look
@coderabbitai

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Get current PR details and open review comments
gh pr view 301 --repo geturbackend/urBackend

echo "=== PR Review Comments ==="
gh api repos/geturbackend/urBackend/pulls/301/comments --jq '.[] | {id: .id, path: .path, line: .line, body: .body[0:300], user: .user.login}' 2>/dev/null

echo "=== PR Issue Comments ==="
gh api repos/geturbackend/urBackend/issues/301/comments --jq '.[] | {id: .id, body: .body[0:400], user: .user.login}' 2>/dev/null

echo "=== PR Reviews ==="
gh api repos/geturbackend/urBackend/pulls/301/reviews --jq '.[] | {id: .id, state: .state, user: .user.login, body: .body[0:300]}' 2>/dev/null

Length of output: 7631

---

🏁 Script executed:

#!/bin/bash
# Read the relevant sections of App.tsx
echo "=== App.tsx avatar section ==="
cat examples/react-sdk-demo/src/App.tsx

echo ""
echo "=== UrAuth.tsx enableEmailPassword section (lines 160-230) ==="
sed -n '160,240p' sdks/urbackend-react/src/components/UrAuth.tsx

Length of output: 8894

---

🏁 Script executed:

#!/bin/bash
# Get full bodies of the two open inline comments
echo "=== Comment 1 (App.tsx avatarUrl) ==="
gh api repos/geturbackend/urBackend/pulls/comments/3396377832 --jq '.body'

echo ""
echo "=== Comment 2 (UrAuth.tsx enableEmailPassword) ==="
gh api repos/geturbackend/urBackend/pulls/comments/3396377850 --jq '.body'

echo ""
echo "=== Check resolution status ==="
gh api repos/geturbackend/urBackend/pulls/301/comments --jq '.[] | {id: .id, path: .path, line: .line, in_reply_to_id: .in_reply_to_id, user: .user.login}' 2>/dev/null

Length of output: 5681

---

🏁 Script executed:

#!/bin/bash
# Resolve comment 2 (UrAuth.tsx enableEmailPassword) - it's already fixed in the code
# Find the review thread ID for this comment to resolve it
gh api repos/geturbackend/urBackend/pulls/301/reviews --jq '.[] | select(.user.login == "coderabbitai[bot]") | {id: .id, state: .state}'

# Get the pull request review threads to find which can be resolved
gh api graphql -f query='
{
  repository(owner: "geturbackend", name: "urBackend") {
    pullRequest(number: 301) {
      reviewThreads(first: 20) {
        nodes {
          id
          isResolved
          comments(first: 1) {
            nodes {
              databaseId
              body
            }
          }
        }
      }
    }
  }
}'

Length of output: 5955

---

---

@yash-pouranik Here's a status summary of the two previously raised issues:

---

✅ Fixed — enableEmailPassword inconsistency (UrAuth.tsx)

The fallback to the enableEmailPassword prop when providers is an object (and emailPassword key is absent) was correctly applied in commit 6d6ff1e. This is resolved.

---

⚠️ Still needs a code fix — Unsafe avatarUrl cast (App.tsx)

The review thread was marked resolved in the UI, but the code was not actually changed. examples/react-sdk-demo/src/App.tsx still contains:

// ❌ Current (unsafe)
{user?.avatarUrl ? (
  <img src={user.avatarUrl as string} alt="Avatar" ... />

The as string cast bypasses TypeScript's type checking without any runtime validation. Since avatarUrl is typed as unknown, a non-string truthy value would silently produce a broken src. The fix is straightforward:

// ✅ Safe runtime check
{typeof user?.avatarUrl === 'string' && user.avatarUrl ? (
  <img src={user.avatarUrl} alt="Avatar" ... />

@Nitin-kumar-yadav1307 — could you apply this one-line fix? Everything else looks good to go.

[yash-pouranik]

last update
@Nitin-kumar-yadav1307

[Nitin-kumar-yadav1307]

have a look
@coderabbitai

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
cat examples/react-sdk-demo/src/App.tsx

Length of output: 5777

---

🏁 Script executed:

#!/bin/bash
# Resolve the open review thread for the avatarUrl comment (ID: 3396377832)
gh api graphql -f query='
{
  repository(owner: "geturbackend", name: "urBackend") {
    pullRequest(number: 301) {
      reviewThreads(first: 20) {
        nodes {
          id
          isResolved
          comments(first: 1) {
            nodes {
              databaseId
              body
            }
          }
        }
      }
    }
  }
}'

Length of output: 5604

---

---

@Nitin-kumar-yadav1307 — confirmed, the fix is in place! ✅

The avatarUrl check now correctly uses:

{typeof user?.avatarUrl === 'string' && user?.avatarUrl ? (
  <img src={user.avatarUrl} alt="Avatar" ... />

Both previously raised issues are now resolved:

Issue	Status
Unsafe as string cast on user.avatarUrl (App.tsx)	✅ Fixed
enableEmailPassword fallback inconsistency (UrAuth.tsx)	✅ Fixed (commit 6d6ff1e)

The PR looks good to go! 🎉

🐇 ≧◡≦