fix: add auth and correct query param for GET /api/organizations #1528
The API now requires authentication and uses snake_case query params. Added Bearer token auth via Privy and changed accountId to account_id. Co-Authored-By: Claude Opus 4.6 <[email protected]>
📝 Walkthrough
fetchAccountOrganizations was changed to accept an access token and call
Sequence Diagram(s)
sequenceDiagram
participant Hook as useAccountOrganizations
participant Auth as useAccessToken
participant Fetch as fetchAccountOrganizations
participant API as /api/organizations (Server)
Hook->>Auth: request access token
Auth-->>Hook: returns accessToken
Hook->>Fetch: call fetchAccountOrganizations(accessToken)
Fetch->>API: GET /api/organizations\nHeaders: Authorization: Bearer <accessToken>
API-->>Fetch: 200 OK (organizations)
Fetch-->>Hook: returns organizations
Estimated Code Review Effort: 🎯 2 (Simple) | ⏱️ ~10 minutes
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: d549dafa3b
hooks/useAccountOrganizations.ts
| if (!accessToken) { | ||
| throw new Error("Not authenticated"); |
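Review bot: the `if (!accessToken)` branch throws a bare `Error("Not authenticated")`, which leaves callers only a message string to tell a missing token apart from a network or server failure. A dedicated error class, or a `name` or `code` field on the error, would let the UI prompt for sign-in instead of showing a generic load failure.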
Gate org query on Privy auth before throwing
This query is enabled as soon as userData?.account_id exists, but it now hard-fails when getAccessToken() returns null. During startup, account_id can be present before Privy has finished token initialization, so the query enters an error state ("Not authenticated") even though the user is signed in; with refetchOnWindowFocus: false, that can leave the org list stuck until a manual refresh/invalidation. Include Privy auth readiness in enabled (or avoid throwing for the transient no-token case) so initial load can recover automatically.
Bearer tokens resolve to orgId=null (personal key behavior), so passing account_id as a query param causes the API to reject with 400/403. The API resolves the account from the Bearer token directly — no query params needed. Also switched to the useAccessToken hook to match the established pattern used by useConnectors. Co-Authored-By: Claude Opus 4.6 <[email protected]>
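The readiness gate the Codex comment asks for, combined with the token-only request this commit message describes, as an added example that is not code from this PR. Only the /api/organizations path and the Authorization: Bearer header come from the page; AuthState, orgQueryEnabled, buildOrgRequest, classifyStatus and the injected fetchImpl are hypothetical names, and the status-to-action mapping is an assumption.

```typescript
// Added example, not code from this PR. Only the /api/organizations path and the
// Authorization: Bearer header come from the page; every name below is hypothetical.
type AuthState = { ready: boolean; accessToken: string | null; accountId?: string };
type OrgRequest = { url: string; init: { method: string; headers: Record<string, string> } };
type FetchLike = (url: string, init: OrgRequest["init"]) =>
  Promise<{ status: number; json(): Promise<unknown> }>;
type Outcome = "ok" | "reauthenticate" | "rejected" | "retry";

// Run the query only when the auth provider has finished initialising AND a token
// exists. A null token during startup means "wait", not "error".
function orgQueryEnabled(s: AuthState): boolean {
  return s.ready && !!s.accessToken && !!s.accountId;
}

// The token travels only in the Authorization header. No account_id query param:
// per the commit message, the API resolves the account from the Bearer token.
function buildOrgRequest(accessToken: string): OrgRequest {
  if (!accessToken.trim()) throw new Error("Not authenticated");
  return {
    url: "/api/organizations",
    init: { method: "GET", headers: { Authorization: `Bearer ${accessToken}` } },
  };
}

// Map the HTTP status to what the caller should do next (mapping is an assumption).
function classifyStatus(status: number): Outcome {
  if (status >= 200 && status < 300) return "ok";
  if (status === 401) return "reauthenticate"; // missing or expired token
  if (status === 400 || status === 403) return "rejected"; // do not retry unchanged
  return "retry"; // treated as transient
}

// Returns null while auth is not ready so the caller can re-run on the next auth change.
async function fetchAccountOrganizations(auth: AuthState, fetchImpl: FetchLike): Promise<unknown> {
  if (!orgQueryEnabled(auth)) return null;
  const { url, init } = buildOrgRequest(auth.accessToken as string);
  const res = await fetchImpl(url, init);
  const outcome = classifyStatus(res.status);
  if (outcome !== "ok") throw new Error(`organizations request failed: ${outcome}`);
  return res.json();
}
```

Injecting fetchImpl keeps the block independent of any auth or data-fetching library; in a hook, orgQueryEnabled would feed the query's enabled flag.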
Summary
- Authorization: Bearer header using Privy access token to authenticate with the API (which now requires auth)
- accountId (camelCase) to account_id (snake_case) to match the updated API spec
Root cause: The API's /api/organizations endpoint was updated to require authentication and uses account_id as the query param name. Without these changes, the endpoint returned empty/unauthorized results, causing the org list to show only a personal account.
Test plan
🤖 Generated with Claude Code