Fix vault import current password verification #31
Ensure first vault imports prove the typed password against the active account before encrypting, preventing account/vault password divergence. Made-with: Cursor
@codex review
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 6631351e55
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if (status === 401) { | ||
| const e = new Error('invalid_credentials'); | ||
| e.code = 'invalid_credentials'; | ||
| throw e; |
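Review bot: the error thrown in this `if (status === 401)` branch discards both the HTTP status and whatever error code the backend returned, so a caller sees only the hardcoded `invalid_credentials` and cannot tell a wrong password from an expired or revoked session, which also arrives as 401. Attach the status and the backend's code to the error (e.g. `e.status = status; e.code = backendCode || 'unauthorized';`) and set `invalid_credentials` only when the backend explicitly says so.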
Do not coerce all verify 401s to invalid_credentials
verifyPassword() currently rewrites every HTTP 401 from /auth/verify-password to invalid_credentials, but 401 can also mean an expired/revoked session (unauthorized) rather than a wrong password. In the new first-write path, VaultContext.save() remaps invalid_credentials to password_mismatch, so an expired session is misreported as “wrong password” and the auth-loss flow is skipped, leaving users unable to complete import until they manually re-authenticate. Preserve backend error codes (or only remap when the code is explicitly invalid_credentials) instead of blanket status-based remapping.
Only treat explicit invalid-credentials responses as password mismatches so expired sessions still follow the normal auth-loss path. Made-with: Cursor
@codex review
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b61935736e
| (responseData && | ||
| typeof responseData === 'object' && | ||
| (responseData.error || responseData.code)); | ||
| if (status === 401 && code === 'invalid_credentials') { |
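Review bot: `responseData.error || responseData.code` reads `error` first, so if the backend sends a human-readable message in `error` alongside the machine code in `code`, `code` here becomes the message and the `code === 'invalid_credentials'` comparison fails, pushing a genuine wrong password into the other-401 path. Read `responseData.code` first and fall back to `error` only when `code` is absent, so the comparison is always against the machine-readable value.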
Handle session-expiry 401s from verifyPassword
The new verifyPassword path only special-cases 401 invalid_credentials; any other 401 is rethrown as-is. I checked src/lib/apiClient.js and its auth-loss hook is intentionally skipped for URLs under /auth/*, so in the EMPTY first-write flow an expired session on /auth/verify-password will no longer trigger global logout/redirect (the old flow reached /vault/*, which did). Users stay in a stale "logged-in" UI and just see a generic import error, so this should explicitly route non-credential 401s through auth-loss handling.
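The 401 split described in the review above, as an added JavaScript example that is not the project's code: `request`, `onAuthLoss`, `classify` and the `{ status, body }` response shape are assumptions, and the `password_mismatch` remap is done inside `verifyPassword` rather than in VaultContext.save().

```javascript
// Added example, not the project's code. Only an explicit
// invalid_credentials 401 becomes a password mismatch; every other 401 is
// routed to the auth-loss handler. `request`/`onAuthLoss` are assumptions.
function makeError(code, status, body) {
  const e = new Error(code);
  e.code = code;
  e.status = status; // keep status and payload instead of discarding them
  e.body = body;
  return e;
}

// Prefer the machine-readable `code`; fall back to `error` only if absent.
function backendCode(body) {
  if (!body || typeof body !== 'object') return undefined;
  return body.code || body.error;
}

function verifyPassword(password, { request, onAuthLoss }) {
  const { status, body } = request('/auth/verify-password', { password });
  if (status >= 200 && status < 300) return true;
  const code = backendCode(body);
  if (status === 401 && code === 'invalid_credentials') {
    throw makeError('password_mismatch', status, body); // wrong password
  }
  if (status === 401) {
    // Expired or revoked session: the shared client skips its auth-loss
    // hook for /auth/* URLs, so trigger it here explicitly.
    onAuthLoss();
    throw makeError('unauthorized', status, body);
  }
  throw makeError(code || 'request_failed', status, body);
}

// Constructed stand-in for the transport: one canned { status, body }.
function cannedRequest(status, body) {
  return () => ({ status, body });
}
// Drive one scenario and report what the caller would observe.
function classify(status, body) {
  let authLost = false;
  try {
    verifyPassword('pw', {
      request: cannedRequest(status, body),
      onAuthLoss: () => { authLost = true; },
    });
    return { code: 'ok', authLost };
  } catch (e) {
    return { code: e.code, authLost };
  }
}
```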
Let non-credential verify-password 401s trigger the global auth-loss handler while preserving password mismatch handling. Made-with: Cursor
@codex review
Codex Review: Didn't find any major issues. Chef's kiss.
Summary
Test plan
Dependency
/auth/verify-password endpoint PR before deployment. Made with Cursor