feat(auth): expose sign.cap + remaining on /auth/config (beta seat counter)#3761
Conversation
…dpoint Adds computeSignupCapacity helper (auth.signupCapacity.js) that is a no-op when cap is null/undefined/non-numeric (all current deployments), wiring it into the getConfig handler. count() is never called when uncapped, keeping the common path identical to before.
|
Warning Review limit reached
More reviews will be available in 54 minutes and 7 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (2)
WalkthroughThis PR adds signup capacity tracking to the authentication config endpoint. A new ChangesSignup capacity computation and config integration
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes Possibly related PRs
Suggested labels
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## master #3761 +/- ##
==========================================
- Coverage 90.14% 90.14% -0.01%
==========================================
Files 150 151 +1
Lines 4961 4970 +9
Branches 1574 1577 +3
==========================================
+ Hits 4472 4480 +8
- Misses 384 385 +1
Partials 105 105
Flags with carried forward coverage won't be shown. Click here to find out more. Continue to review full report in Codecov by Sentry.
🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Pull request overview
Adds a small auth “signup capacity” helper and exposes sign.cap + sign.remaining on the public GET /api/auth/config endpoint to support private-beta “seats left” UI.
Changes:
- Introduces
computeSignupCapacity(rawCap, countFn)to compute{ cap, remaining }with an uncapped short-circuit. - Updates
AuthController.getConfigto returnsign.capandsign.remaining. - Adds unit tests for the helper and extends existing controller unit tests to assert null capacity fields in the uncapped path.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| modules/auth/services/auth.signupCapacity.js | New helper to compute cap + remaining (may call account-count). |
| modules/auth/controllers/auth.controller.js | getConfig now includes sign.cap + sign.remaining and awaits capacity computation. |
| modules/auth/tests/auth.signupCapacity.unit.tests.js | New unit tests for the helper. |
| modules/auth/tests/auth.config.controller.unit.tests.js | Updates controller tests to await and assert cap/remaining are null when uncapped. |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@modules/auth/controllers/auth.controller.js`:
- Around line 607-649: The unauthenticated getConfig handler calls
computeSignupCapacity which invokes UserService.count on every request when
config.sign.cap is set — add a short-TTL cache to avoid per-request collection
counts: inside getConfig (or a small helper) wrap calls to
computeSignupCapacity/UserService.count with an in-memory cache keyed e.g.
"signup_capacity" that returns the last computed {cap, remaining} for a
configurable TTL (e.g. 30–120s), use the cached value when not expired and only
call computeSignupCapacity/UserService.count when expired, and ensure the cache
key is invalidated/updated on user creation/seat changes if you already have
hooks to do so.
In `@modules/auth/services/auth.signupCapacity.js`:
- Around line 10-11: The current coercion treats blank/whitespace rawCap as 0
because Number('') === 0; update the guard around rawCap/cap so blank strings
are treated as "uncapped" (null) instead of 0. Specifically, in the logic that
computes cap from rawCap (referencing rawCap and cap and the
Number()/Number.isFinite() check), add a check that if typeof rawCap ===
'string' and rawCap.trim() === '' then treat it as null, and only call
Number(rawCap) and proceed to the Number.isFinite(cap) test for non-blank inputs
so blank/whitespace config values do not produce cap: 0 or trigger countFn().
In `@modules/auth/tests/auth.signupCapacity.unit.tests.js`:
- Around line 27-31: Add a unit test in
modules/auth/tests/auth.signupCapacity.unit.tests.js that asserts
computeSignupCapacity treats empty or whitespace-only cap strings as uncapped
(like the existing 'non-numeric cap → treated as uncapped' test); call
computeSignupCapacity with '' and with a whitespace string (e.g. ' '), expect
resolves.toEqual({ cap: null, remaining: null }), and verify the provided
countFn is not called—this pins the intended guard behavior in the
computeSignupCapacity helper.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro
Run ID: 1db2dbc1-846a-43bb-b9ba-3f132c9d0a36
📒 Files selected for processing (4)
modules/auth/controllers/auth.controller.jsmodules/auth/services/auth.signupCapacity.jsmodules/auth/tests/auth.config.controller.unit.tests.jsmodules/auth/tests/auth.signupCapacity.unit.tests.js
…apacity
- Blank/whitespace rawCap (e.g. SIGN_CAP="") now treated as uncapped (null)
instead of coercing to 0 via Number('')
- cap ≤ 0 short-circuits countFn (remaining is deterministically 0, no DB hit)
- Add unit tests: empty string cap, whitespace cap, cap=0 no-count assertion
What
Adds a pure helper
modules/auth/services/auth.signupCapacity.js(computeSignupCapacity(rawCap, countFn) → {cap, remaining}) and wires it into the publicGET /api/auth/config(getConfig) handler, so thesignblock now also returnscap+remaining(seats-left). Enables downstream landing pages to render a "X seats left" private-beta counter.Why
Upstream-generic half of a downstream private-beta invite gate. The cap enforcement already exists in this controller (signup + OAuth handlers); this only exposes the configured cap + remaining seats to the read-only config endpoint.
Non-breaking / inert by default
When
config.sign.capis null/unset (every current deployment),capandremainingcome backnullandUserService.count()is not called (short-circuit). No behavior or perf change for any downstream until it opts in by setting a cap.Tests
11 unit tests on the helper (null/undefined/numeric/over-cap/cap=0/numeric-string) + controller tests assert the new fields are null on the uncapped path. Lint clean.
🤖 Generated with Claude Code
Summary by CodeRabbit
New Features
/auth/configresponse.Bug Fixes
Tests