Skip to content

fix: generate the TOTP QR internally#66

Open
YasharF wants to merge 1 commit intomasterfrom
qr
Open

fix: generate the TOTP QR internally#66
YasharF wants to merge 1 commit intomasterfrom
qr

Conversation

@YasharF
Copy link
Copy Markdown
Owner

@YasharF YasharF commented Mar 24, 2026

Checklist

  • I acknowledge that submissions that include copy-paste of AI-generated content taken at face value (PR text, code, commit message, documentation, etc.) most likely have errors and hence will be rejected entirely and marked as spam or invalid
  • I manually tested the change with a running instance, DB, and valid API keys where applicable
  • Added/updated tests if the existing tests do not cover this change
  • README or other relevant docs are updated
  • --no-verify was not used for the commit(s)
  • npm run lint passed locally without any errors
  • npm test passed locally without any errors
  • npm run test:e2e:replay passed locally without any errors
  • npm run test:e2e:custom -- --project=chromium-nokey-live passed locally without any errors
  • PR diff does not include unrelated changes
  • PR title follows Conventional Commits — https://www.conventionalcommits.org/en

Description

Screenshots of UI changes (browser) and logs/test results (console, terminal, shell, cmd)

Copilot AI review requested due to automatic review settings March 24, 2026 20:22
Copilot AI reviewed Mar 24, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the TOTP setup flow to stop relying on a third-party QR code service and instead render the QR code image generated internally by the server.

Changes:

  • Generate a TOTP QR code SVG server-side (as a data: URI) and pass it to the view.
  • Update the TOTP setup Pug template to use the internally generated QR image.
  • Add the qr dependency and update dependency metadata/lockfile.

Reviewed changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated 2 comments.

File Description
controllers/user.js Generates an SVG QR code data URI for the TOTP URI and passes it to the renderer.
views/account/totp-setup.pug Renders the QR image from qrImage instead of a remote QR service URL.
package.json Adds qr; also changes Mocha specifier to a dist-tag (next).
package-lock.json Locks qr addition but also includes broader dependency churn.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread controllers/user.js
Comment thread package.json
@YasharF YasharF requested a review from Copilot March 24, 2026 20:49
Copilot AI reviewed Mar 24, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 4 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@YasharF YasharF requested a review from Copilot March 24, 2026 21:00
Copilot AI reviewed Mar 24, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 4 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@YasharF YasharF requested a review from Copilot March 24, 2026 21:10
Copilot AI reviewed Mar 24, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 5 changed files in this pull request and generated 1 comment.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread package.json
Comment on lines +115 to 119
"overrideReasons": {
"encoding-sniffer": "cheerio",
"fetch-blob": "@googleapis/drive",
"formdata-node": "@langchain/groq, @langchain/community"
},
Copy link

Copilot AI Mar 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

overrideReasons is not a standard npm field and (unless there is custom tooling consuming it) it will be ignored by npm. If this metadata is needed, consider moving it to a documented location (e.g., CONTRIBUTING/README) or adding tooling that enforces/uses it; otherwise, please remove it to avoid confusion.

Suggested change
"overrideReasons": {
"encoding-sniffer": "cheerio",
"fetch-blob": "@googleapis/drive",
"formdata-node": "@langchain/groq, @langchain/community"
},

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@YasharF