feat(auth): anonymous sessions #851
Open
ital0 wants to merge 50 commits into
… health check (THU-383)
The 20-LOC information_schema columns query at the top of createAuth forced the function async, cascading awaits through 11 files (elysia plugin, index.ts, swagger.test.ts, and 8 auth/api test files). The schema-drift test in CI plus Postgres' "column does not exist" error on first anonymous sign-in already cover the deployment hazard the health check was guarding against (M3 spec external-4). Removing it lets createAuth stay sync, drops 11 mechanical await/Awaited<> edits, and lets swagger.test.ts go back to being DB-less.
…load
Better Auth's M3 registration adds isAnonymous to additionalFields, so the session.user object already carries it. The Path 1 + PUT /upload re-fetches via getUserById were left over from when M4 ran in parallel against an M3 that hadn't yet exposed the field. Read user.isAnonymous directly off the session — eliminates two redundant DB round-trips per token refresh / upload. Path 2 (Bearer-only refresh, no session derive) still needs getUserById.
- Convert anonymous sign-in promise chain to async/await for readability
- Remove unused anonymous_session_started PostHog event type

- PowerSyncStatus returns null for anonymous sessions since the backend rejects them and the affordance would be misleading
- SidebarFooter treats anonymous sessions as logged-out so the Sign In surface is shown instead of a synthetic email

- Replace per-file mock.module of @/contexts with createMockAuthClient + createTestProvider so tests exercise real provider wiring.
- Mock only single-export leaf modals (SignInModal, SyncSetupModal) and useIsMobile, per docs/development/testing.md.
- Add isAnonymous to MockAuthClientOptions session shape.

- remove mock.module() calls for app hooks, contexts, and modals
- rely on real implementations via createTestProvider + providers
- aligns with docs/development/testing.md (no mocking shared modules)

- Collapse phase state machine into a single hasAttempted flag
- Compute loading directly from observable state to avoid a render gap between mount and the post-commit effect firing
- Add effect cleanup to ignore stale completions on unmount
raivieiraadriano92
requested changes
May 11, 2026
Collaborator
left a few questions to confirm the correct behavior
…Account
- Drop the anonymous DAL (migration, row-cap, transient-error retry)
- Reduce onLinkAccount to a single delete of the anonymous user row
- Trim the auth integration test to cover the delete + fixation guard
Anonymous sessions have no real account to delete, so showing the Delete My Account action is misleading and the underlying flow would fail. Gate the section on !isAnonymous alongside isAuthenticated.
…tatus
- replace hide-entirely branch with reusing the logged-out popover path
- anonymous users now see the same sync affordance and Sign-In CTA as fully logged-out users, keeping the two states visually consistent

- relocate storage-event handler from use-powersync-credentials-invalid-listener.ts to AuthProvider so auth-token concerns live next to the rest of the auth lifecycle
- add coverage for both branches (token rotated → reload; token cleared → dispatch powersync_credentials_invalid)
- use the shared powersyncCredentialsInvalid event-name constant instead of repeating the string literal

- Sign In button already surfaces this affordance elsewhere
- update tests to assert on the button instead of hint text
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Reviewed by Cursor Bugbot for commit 6b34ee4.

Note
High Risk
Touches authentication/session handling and PowerSync authorization, plus a DB schema migration, so mistakes could affect login state, session security, or data sync behavior.
Overview
Introduces anonymous user support end-to-end: adds user.is_anonymous to the auth schema/migrations and upgrades Better Auth (plus enables the anonymous plugin) with a session-fixation guard that blocks /sign-in/anonymous when already authenticated.

Adds a PowerSync guard that rejects token issuance and /powersync/upload for anonymous users (both session and bearer-token paths), and updates DAL typing (getUserById) accordingly with new backend tests covering these cases.

On the client, adds an AnonymousSessionGuard that auto-creates an anonymous session when none exists, treats anonymous sessions as logged-out for sync/UI surfaces (sidebar footer, sync status, preferences sync toggle), adds cross-tab auth-token change handling, and adds PostHog alias/event tracking to link anonymous IDs to promoted accounts across OTP and SSO flows.

Reviewed by Cursor Bugbot for commit 6b34ee4.
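
The two server-side guards summarized in the overview, sketched as an added TypeScript example that is not the PR's code. The function names, status codes, reason strings and the synchronous lookup standing in for getUserById are assumptions, as are treating any existing session as "already authenticated" and failing closed when isAnonymous is missing.

```typescript
// Added illustration: names, status codes and reason strings are assumptions,
// not the PR's code. The lookup is synchronous so the example runs offline;
// the getUserById the page mentions is a DB round-trip.
type User = { id: string; isAnonymous?: boolean | null };
type Session = { user: User } | null;
type Decision = { allow: boolean; status: number; reason: string };

const ALLOW: Decision = { allow: true, status: 200, reason: "ok" };
const deny = (status: number, reason: string): Decision =>
  ({ allow: false, status, reason });

// Session-fixation guard: a request that already carries a session must not
// be handed a fresh anonymous one on top of it.
function guardAnonymousSignIn(path: string, session: Session): Decision {
  if (path === "/sign-in/anonymous" && session !== null) {
    return deny(400, "already_authenticated");
  }
  return ALLOW;
}

// PowerSync guard covering both credential paths (token issuance and upload).
function guardPowerSync(
  session: Session,
  bearerUserId: string | null,
  getUserById: (id: string) => User | undefined,
): Decision {
  // Path 1: the session-derived user already carries isAnonymous.
  // Path 2: bearer-only request, so the flag has to be looked up.
  const user = session
    ? session.user
    : bearerUserId ? getUserById(bearerUserId) : undefined;
  if (!user) return deny(401, "unauthenticated");
  // Fail closed (assumption): only an explicit false counts as a real account.
  if (user.isAnonymous !== false) return deny(403, "anonymous_not_allowed");
  return ALLOW;
}

// Constructed sample users for the bearer-token path.
const USERS = new Map<string, User>([
  ["u-real", { id: "u-real", isAnonymous: false }],
  ["u-anon", { id: "u-anon", isAnonymous: true }],
]);
const lookup = (id: string) => USERS.get(id);
```

Checking the flag on both paths matters because a bearer-only request never passes through session derivation, so a guard placed only on the session path would leave token refresh open to anonymous users.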