fix(auth): harden snapshot paths per PR agent review

Address two suggestions from the PR agent review:

1. lib/authResume.ts — catch isAuthed() exceptions in
   consumeResumeSnapshot. The network/timeout path now returns
   null (snapshot already removed earlier to prevent the play-page
   bootstrap's retryBootstrap loop from re-entering this path).
   Document the intentional removeItem-before-isAuthed ordering.

2. components/AuthModal.tsx — wrap onBeforeOAuth in try-catch so
   a snapshot failure (e.g. sessionStorage blocked in privacy mode)
   does not abort the OAuth flow and leave the UI stuck in loading.
This commit is contained in:
yuanzonghao
2026-06-15 14:32:04 +08:00
parent 6060d76b44
commit 3a012d46bf
2 changed files with 26 additions and 2 deletions
+8 -1
View File
@@ -40,7 +40,14 @@ export function AuthModal({
setError("");
// Snapshot before navigating away — the redirect below unmounts the app,
// so any host state must be persisted to sessionStorage *now*.
onBeforeOAuth?.();
// Non-fatal: if the snapshot fails (e.g. sessionStorage is blocked in
// privacy mode), the OAuth flow still proceeds — the user just won't
// have their in-progress state restored on return.
try {
onBeforeOAuth?.();
} catch {
/* snapshot failure is non-fatal */
}
const supabase = createClient();
const { error: oauthError } = await supabase.auth.signInWithOAuth({
provider,