fix(auth): correct localStorage boolean type mismatch causing auth bypass#19
Open
KGFCH2 wants to merge 1 commit into
Open
fix(auth): correct localStorage boolean type mismatch causing auth bypass#19KGFCH2 wants to merge 1 commit into
KGFCH2 wants to merge 1 commit into
Conversation
…pass
Critical bug: localStorage.getItem() always returns strings, never native
booleans. The previous check === true always evaluated to false because
'true' (string) !== true (boolean), meaning the auto-redirect for already-
logged-in users on the login page never fired.
Changes:
- Fix type check: localStorage.getItem('isLoggedIn') === 'true'
- Add early return after redirect to prevent form processing post-redirect
- Replace all alert() calls with accessible inline error/success messages
(uses role=alert and aria-live for screen reader compatibility)
- Add minimum password length validation (6 chars) on registration
- Add .trim() on string inputs to prevent whitespace-only submissions
- Improve UX: 1500ms delay before redirect on successful registration
|
@KGFCH2 is attempting to deploy a commit to the Om Roy's projects Team on Vercel. A member of the Team first needs to authorize it. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Related Issue
Closes #18
Summary
Fixes a critical localStorage type mismatch bug where
=== true(boolean) was compared to the string"true"returned bylocalStorage.getItem(). Also replaces disruptivealert()calls with inline error messages and adds password validation.Changes Made
localStorage.getItem("isLoggedIn") === true→=== "true"returnafter redirect to prevent post-redirect form processingalert()calls with inlinerole=alert+aria-livemessages.trim()on email/name fields to reject whitespace-only inputsTesting
Impact
Previously logged-in users were forced to re-authenticate on every visit. This fix ensures session continuity and significantly improves UX.
Checklist