@DennisKraaijeveld
Contributor

Introduces authkitAction, the action-side equivalent to authkitLoader, so React Router actions get the same session refresh, cookie management, and auth / getAccessToken ergonomics as loaders.

@DennisKraaijeveld DennisKraaijeveld marked this pull request as ready for review November 16, 2025 22:47
@greptile-apps
Contributor

greptile-apps bot commented Nov 16, 2025

Greptile Summary

  • Adds authkitAction helper that mirrors authkitLoader functionality for React Router actions, providing automatic session refresh and authentication state management
  • Implements comprehensive test coverage with 292 new test lines covering authenticated/unauthenticated flows and session refresh scenarios

Confidence Score: 5/5

  • This PR is safe to merge with no identified issues
  • The implementation follows the exact same pattern as the existing authkitLoader, properly handles sensitive tokens (only logs last 10 chars in debug mode), includes comprehensive tests with 100% coverage of new functionality, and adheres to all security best practices from custom instructions
  • No files require special attention

Important Files Changed

| Filename | Overview |
| --- | --- |
| src/session.ts | Adds authkitAction function mirroring authkitLoader for React Router actions with session refresh and auth state management |
| src/session.spec.ts | Adds comprehensive test suite for authkitAction covering unauthenticated flows, authenticated flows, and session refresh scenarios |

Sequence Diagram

sequenceDiagram
    participant User
    participant "React Router" as RR
    participant "authkitAction" as AKA
    participant "updateSession" as US
    participant "handleAuthAction" as HAA
    participant "Custom Action" as CA
    
    User->>RR: "Submit form (POST)"
    RR->>AKA: "Call authkitAction(args, customAction, options)"
    AKA->>US: "Get/refresh session from cookie"
    alt Session valid
        US-->>AKA: "Return session with access token"
        AKA->>HAA: "Pass auth data and session"
        HAA->>CA: "Call customAction({ auth, getAccessToken })"
        CA-->>HAA: "Return action result"
        HAA-->>AKA: "Merge result with auth data"
        AKA-->>RR: "Return data with Set-Cookie header"
    else Session expired but refresh succeeds
        US->>US: "Refresh tokens via WorkOS"
        US-->>AKA: "Return new session with fresh tokens"
        AKA->>HAA: "Pass auth data and new session"
        HAA->>CA: "Call customAction({ auth, getAccessToken })"
        CA-->>HAA: "Return action result"
        HAA-->>AKA: "Merge result with auth data"
        AKA-->>RR: "Return data with updated Set-Cookie"
    else No session or refresh fails
        US-->>AKA: "Throw SessionRefreshError"
        AKA->>AKA: "Destroy session cookie"
        AKA-->>RR: "Redirect to authorization URL"
    end
    RR-->>User: "Return response"
Contributor

@greptile-apps greptile-apps bot left a comment

5 files reviewed, no comments

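The three branches of the sequence diagram above, modelled as an added example (not code from this pull request or from the library). All types and functions here are hypothetical stand-ins, including the ones that reuse names from the diagram; the refresh is synchronous and cookie sealing is omitted so the block is self-contained.

```typescript
// Added illustration: synchronous, in-memory model of the diagram's three
// branches. Every name here is hypothetical; none is the library's API.
type Session = { userId: string; accessToken: string; refreshToken: string; expiresAt: number };
type Ctx = { auth: { userId: string }; getAccessToken: () => string };
type Result =
  | { kind: "data"; data: Record<string, unknown>; cookie: Session } // cookie to re-seal and set
  | { kind: "redirect"; location: string; cookie: null };            // null = destroy the cookie

const AUTHORIZATION_URL = "https://auth.example.test/authorize"; // placeholder

function refreshError(message: string): Error {
  const err = new Error(message);
  err.name = "SessionRefreshError";
  return err;
}

// Stand-in for the token endpoint: only the constructed token "r-good" is accepted.
function refreshTokens(old: Session, now: number): Session {
  if (old.refreshToken !== "r-good") throw refreshError("refresh rejected");
  return { userId: old.userId, accessToken: "a-new", refreshToken: "r-next", expiresAt: now + 300 };
}

// Return the cookie's session, refreshing it first when the access token has expired.
function updateSession(cookie: Session | null, now: number): Session {
  if (cookie === null) throw refreshError("no session");
  return cookie.expiresAt > now ? cookie : refreshTokens(cookie, now);
}

function modelAction(cookie: Session | null, now: number, customAction: (ctx: Ctx) => Record<string, unknown>): Result {
  let session: Session;
  try {
    session = updateSession(cookie, now);
  } catch (err) {
    if (!(err instanceof Error) || err.name !== "SessionRefreshError") throw err;
    // Fail closed: the custom action never runs and the stale cookie is dropped.
    return { kind: "redirect", location: AUTHORIZATION_URL, cookie: null };
  }
  const token = session.accessToken;
  const result = customAction({ auth: { userId: session.userId }, getAccessToken: () => token });
  return { kind: "data", data: { ...result, userId: session.userId }, cookie: session };
}

// Constructed sample sessions (timestamps are plain seconds).
const valid: Session = { userId: "u1", accessToken: "a-old", refreshToken: "r-good", expiresAt: 2000 };
const expired: Session = { ...valid, expiresAt: 500 };
const revoked: Session = { ...expired, refreshToken: "r-revoked" };
```

The property worth checking in a review of the real helper is the same one this model makes explicit: on a failed refresh the custom action must not execute at all, and the response must clear the cookie rather than leave the stale one in place.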

@DennisKraaijeveld
Contributor Author

Putting this back in draft. Depends on #44
