Added user authentication with email and password#46
Open
whlpatricia wants to merge 8 commits intomainfrom
Open
Added user authentication with email and password#46whlpatricia wants to merge 8 commits intomainfrom
whlpatricia wants to merge 8 commits intomainfrom
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
There was a problem hiding this comment.
Pull request overview
This PR implements user authentication with email and password using Supabase, adding sign-in, sign-up, and email confirmation flows. However, there are several critical issues that need to be addressed, including incorrect file naming for Next.js middleware, incorrect import paths, missing error pages, and security vulnerabilities.
Key Changes
- Added Supabase authentication functions for email/password sign-up and sign-in
- Created a temporary login page with forms for testing authentication
- Implemented email confirmation route handler for Supabase OTP verification
- Added middleware (incorrectly named as proxy.ts) for session management and route protection
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 9 comments.
Show a summary per file
| File | Description |
|---|---|
| src/proxy.ts | Middleware entry point with incorrect naming and import path - should be middleware.ts |
| src/lib/client/supabase/proxy.ts | Session management middleware logic for protecting routes |
| src/lib/client/supabase/client.ts | Browser client initialization for Supabase |
| src/lib/client/supabase/auth.ts | Authentication functions for email/password sign-up and sign-in |
| src/app/login/page.tsx | Temporary UI for testing authentication flows |
| src/app/auth/confirm/route.ts | Email confirmation handler with open redirect vulnerability |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
LeandroHamaguchi
requested changes
Dec 2, 2025
Member
LeandroHamaguchi
left a comment
LeandroHamaguchi
left a comment
There was a problem hiding this comment.
This was one of the hardest tickets, and overall, great work Patricia!
whlpatricia
force-pushed
the
backend/user_auth
branch
from
47bf972 to
a25e897
Compare
ch-iv
requested changes
Jan 21, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Added user authentication with email and password. For now the tmp page displays the user token when signed in successfully.
