[codex] Fix false account disabled redirects

[riderx]

Summary (AI generated)

• Changed the auth guard so /accountDisabled is only reached when the disabled-account RPC explicitly returns true.
• Added regression coverage for RPC failures and stale browser history entries pointing to the recovery page.

Motivation (AI generated)

Users could land on the account-deletion recovery page while still authenticated because transient account-status check failures were treated as disabled accounts. The page then could not find a deletion date because the account was not actually pending deletion.

Business Impact (AI generated)

This avoids alarming active users with a false account deletion message and reduces support risk from intermittent console navigation failures.

Test Plan (AI generated)

• bun lint
• bunx vitest run tests/auth-sso-provisioning.unit.test.ts
• Commit hook: bun run cli:build && vue-tsc --noEmit

Generated with AI

Summary by CodeRabbit

Release Notes

• Bug Fixes
  • Improved error handling during account status verification in the authentication flow. When account status checks encounter errors, authentication now proceeds with standard validation instead of blocking access.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: b2e27022-667a-4f4b-8625-cb078d4a6d13

📥 Commits

Reviewing files that changed from the base of the PR and between ec0bb65 and 4f8afa5.

📒 Files selected for processing (2)

• src/modules/auth.ts
• tests/auth-sso-provisioning.unit.test.ts

---

📝 Walkthrough

Walkthrough

The PR changes the error-handling behavior of the disabled-account check in the auth guard. When the RPC fails, the function now returns false (account not disabled) instead of true (account disabled), altering downstream routing. Tests are updated to validate this new behavior: the guard continues navigation on RPC error and redirects active users away from the recovery page to their saved destination.

Changes

Disabled-account RPC error handling

Layer / File(s)	Summary
isDisabledAccount RPC error handler src/modules/auth.ts	The catch block in isDisabledAccount now logs and returns false on RPC failure instead of returning true, treating the account as enabled when the disabled-account check errors.
Disabled-account error test coverage tests/auth-sso-provisioning.unit.test.ts	Test case name and assertions are updated to expect the guard to call next() without redirect and to avoid the /accountDisabled route when the disabled-account RPC errors. A recovery-page scenario is added to assert that active users are redirected to their saved destination route rather than remaining on the recovery page when the check errors.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• Cap-go/capgo#1980: Modifies the auth guard's disabled-account RPC error handling and resulting redirect/navigation behavior, directly overlapping with this PR's changes to isDisabledAccount.

Suggested labels

codex

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically summarizes the main change: fixing false redirects to the account disabled page by altering error-handling behavior.
Description check	✅ Passed	The description includes Summary and Test Plan sections as required by the template, detailing the changes, motivation, and test steps executed. The Checklist section is present but incomplete, which is acceptable for non-critical items.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codspeed-hq]

Merging this PR will not alter performance

✅ 43 untouched benchmarks
⏩ 2 skipped benchmarks¹

---

_{Comparing codex/fix-account-disabled-back-navigation (4f8afa5) with main (ec0bb65)}

Footnotes

1. 2 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports. ↩

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.