remove existing authentication

[Inglan]

Summary by CodeRabbit

• Refactor

  • Removed third‑party authentication UI (sidebar sign‑in, account page) and related account flows.
  • Disabled cloud sync and backups features.
  • Simplified app providers and user-identification behavior.

• Documentation

  • Privacy content simplified to remove authentication/external account references.

• Chores

  • Removed auth-related dependencies and sample public auth key from environment and build configs.

• Revert

  • None.

[coderabbitai]

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title "remove existing authentication" concisely and accurately reflects the main change in the changeset—removal of authentication-related code, configuration, and secrets—so it communicates the primary intent to reviewers scanning the PR history.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch 529-remove-existing-authentication

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ad3423d and 88832c6.

📒 Files selected for processing (1)

• src/routes/backups/+page.svelte (4 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• src/routes/backups/+page.svelte

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cloudflare-workers-and-pages]

Deploying edutools-testing with    Cloudflare Pages

Latest commit:	88832c6
Status:	✅  Deploy successful!
Preview URL:	https://da04e0a5.edutools-testing.pages.dev
Branch Preview URL:	https://529-remove-existing-authenti.edutools-testing.pages.dev

View logs

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

src/routes/backups/+page.svelte (1)

90-141: Remove leftover cloud-backup wiring; api.backups.* is gone and will break types/build

SignedIn/SignedOut UI is commented, but imports and queries still reference api.backups.get and Convex client. Clean them up.

Apply:

 <script lang="ts">
 	import { onMount } from 'svelte';

-	let sessionToken = $state('');
-
 	import dayjs from 'dayjs';
 
-	import { useConvexClient, useQuery } from 'convex-svelte';
-	import { api } from '$lib/../convex/_generated/api.js';
 	import Button, { buttonVariants } from '$lib/components/ui/button/button.svelte';
 	import * as Card from '$lib/components/ui/card/index.js';
 	import Input from '$lib/components/ui/input/input.svelte';
 	import LoaderCircle from '@lucide/svelte/icons/loader-circle';
 	import * as AlertDialog from '$lib/components/ui/alert-dialog/index.js';
 	import { toast } from 'svelte-sonner';
-	import Backup from './backup.svelte';
 	import createBackup from '$lib/createBackup';
 	import restoreBackup from '$lib/restoreBackup';
 	import Clipboard from '@lucide/svelte/icons/clipboard';
-	import Info from '@lucide/svelte/icons/info';
 	import * as Alert from '$lib/components/ui/alert/index.js';
 	import posthog from 'posthog-js';
 
-	let query = $state(useQuery(api.backups.get, { jwt: '' }));
-	const client = useConvexClient();
-	let enteredBackupName = $state('');
 	let loading = $state(false);
 
 	let backupData = $state('');
 	let inputtedBackupData = $state('');
 
 	onMount(() => {
 		backupData = createBackup();
 	});
 
-	$effect(() => {
-		query = useQuery(api.backups.get, { jwt: sessionToken });
-	});
-
 	function setLoading(value: boolean) {
 		loading = value;
 	}
 </script>

src/convex/backups.ts (1)

1-69: Backups API disabled but clients still call it — restore endpoints or remove/update client calls

• Client references found that will break if server handlers remain commented:
  • src/routes/backups/+page.svelte — useQuery(api.backups.get, { jwt: '' }) (≈lines 24, 37) and client.mutation(api.backups.create, { ... }) (≈lines 104–106)
  • src/routes/backups/backup.svelte — await client.mutation(api.backups.remove, { id: backup.id, jwt: token }) (≈line 102)
• Server file is fully commented out: src/convex/backups.ts — either re-enable/implement these handlers (or add an explicit deprecation/feature-flag and return safe errors), or remove the client usage and run convex codegen after deleting the server file.

🧹 Nitpick comments (5)

src/lib/components/settings.svelte (1)

26-26: Remove dead code and unused state introduced by auth removal

The commented save import and sessionToken state are no longer used. Prune to keep svelte-check/ts clean.

Outside this hunk, remove sessionToken:

-	let sessionToken = $state('');

src/lib/sync.ts (1)

7-49: Either export a no‑op save for compatibility or remove unused imports

With save commented out, top imports are unused and may fail ts checks. Two options:

Option A (no-op export to keep imports working):

-import { get } from 'svelte/store';
-import { api } from '../convex/_generated/api';
-import { syncState } from './state.svelte';
-import { syncSettingsStore, preferencesStore, favoritesStore, historyStore } from './stores';
-import { useConvexClient } from 'convex-svelte';
+export async function save() {
+  /* no-op: sync disabled */
+}

Option B (delete file) if nothing imports from it anymore.

src/routes/identify.svelte (1)

3-9: Optional: clear the timeout on destroy

Avoid lingering timers if the route unmounts within 2s.

Example:

-import { onMount } from 'svelte';
+import { onMount, onDestroy } from 'svelte';
+let t: ReturnType<typeof setTimeout>;
 onMount(() => {
-	setTimeout(() => {
+	t = setTimeout(() => {
 		if (posthog.get_distinct_id().startsWith('user_')) {
 			posthog.reset();
 		}
 	}, 2000);
 });
+onDestroy(() => clearTimeout(t));

Also applies to: 11-19

src/convex/utils.ts (1)

1-70: Remove file or add a clear “auth removed” stub

All exports are commented out; prefer deleting the file or replacing with explicit stubs to prevent accidental re-imports.

Example stub:

// Auth utilities removed with Clerk deprecation. Intentionally left empty.

src/convex/sync.ts (1)

1-75: Replace large commented block with a single note or delete file

Avoid long commented code blocks. Prefer a concise placeholder or remove the file to reduce noise.

Apply:

-// import { v } from 'convex/values';
-// import { mutation, query } from './_generated/server';
-// import { getAndUpdateUser, getUser, verifyJwtAndGetPayload } from './utils';
-
-// export const get = query({
-// 	args: {
-// 		jwt: v.string()
-// 	},
-// 	handler: async (ctx, args) => {
-// 		const payload = await verifyJwtAndGetPayload(args.jwt);
-// 		const userInfo = await getUser(ctx, payload);
-// 		if (!userInfo) {
-// 			return null;
-// 		}
-// 		return {
-// 			settings: userInfo.settings,
-// 			favourites: userInfo.favourites,
-// 			history: userInfo.history
-// 		};
-// 	}
-// });
-
-// export const update = mutation({
-// 	args: {
-// 		jwt: v.string(),
-// 		settings: v.optional(
-// 			v.object({
-// 				experimentalFeatures: v.boolean(),
-// 				open: v.string(),
-// 				theme: v.string(),
-// 				panic: v.object({
-// 					enabled: v.boolean(),
-// 					key: v.string(),
-// 					url: v.string(),
-// 					disableExperimentalMode: v.boolean()
-// 				}),
-// 				cloak: v.object({
-// 					mode: v.string(),
-// 					name: v.string(),
-// 					icon: v.string()
-// 				}),
-// 				history: v.boolean()
-// 			})
-// 		),
-// 		favourites: v.optional(v.array(v.string())),
-// 		history: v.optional(v.array(v.string()))
-// 	},
-// 	handler: async (ctx, args) => {
-// 		const payload = await verifyJwtAndGetPayload(args.jwt);
-// 		if (!payload.sub) {
-// 			throw new Error('Invalid JWT: missing subject');
-// 		}
-// 		const userInfo = await getAndUpdateUser(ctx, payload);
-// 		if (!userInfo?._id) {
-// 			throw new Error('Something went wrong');
-// 		}
-// 
-// 		if (args.favourites) {
-// 			await ctx.db.patch(userInfo._id, {
-// 				favourites: args.favourites
-// 			});
-// 		}
-// 		if (args.history) {
-// 			await ctx.db.patch(userInfo._id, {
-// 				history: args.history
-// 			});
-// 		}
-// 		if (args.settings) {
-// 			await ctx.db.patch(userInfo._id, {
-// 				settings: args.settings
-// 			});
-// 		}
-// 	}
-// });
+// Intentionally empty: auth-based sync endpoints removed (PR #530).

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 33f3a25 and ad3423d.

⛔ Files ignored due to path filters (3)

• package-lock.json is excluded by !**/package-lock.json
• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
• src/convex/_generated/api.d.ts is excluded by !**/_generated/**

📒 Files selected for processing (21)

• .env.example (0 hunks)
• .github/copilot-instructions.md (0 hunks)
• .github/workflows/beta_deploy.yml (0 hunks)
• .github/workflows/build.yml (0 hunks)
• .github/workflows/deploy.yml (0 hunks)
• package.json (0 hunks)
• src/convex/backups.ts (1 hunks)
• src/convex/schema.ts (1 hunks)
• src/convex/sync.ts (1 hunks)
• src/convex/utils.ts (1 hunks)
• src/lib/components/app-sidebar.svelte (0 hunks)
• src/lib/components/providers.svelte (1 hunks)
• src/lib/components/settings.svelte (1 hunks)
• src/lib/components/sidebar-auth.svelte (0 hunks)
• src/lib/sync.ts (1 hunks)
• src/routes/+layout.svelte (1 hunks)
• src/routes/account/[...slug]/+page.svelte (0 hunks)
• src/routes/backups/+page.svelte (2 hunks)
• src/routes/identify.svelte (1 hunks)
• src/routes/privacy/+page.svelte (0 hunks)
• vite.config.ts (0 hunks)

💤 Files with no reviewable changes (11)

• .github/workflows/build.yml
• vite.config.ts
• .github/workflows/deploy.yml
• src/lib/components/app-sidebar.svelte
• package.json
• .env.example
• .github/copilot-instructions.md
• src/routes/privacy/+page.svelte
• src/routes/account/[...slug]/+page.svelte
• .github/workflows/beta_deploy.yml
• src/lib/components/sidebar-auth.svelte

🧰 Additional context used

📓 Path-based instructions (4)

**/*.{svelte,ts,js,jsx,tsx,css,scss,json,md}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Code must be formatted with Prettier before committing

Files:

• src/routes/+layout.svelte
• src/convex/schema.ts
• src/convex/sync.ts
• src/convex/backups.ts
• src/lib/sync.ts
• src/lib/components/providers.svelte
• src/routes/backups/+page.svelte
• src/lib/components/settings.svelte
• src/convex/utils.ts
• src/routes/identify.svelte

**/*.{ts,svelte}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Resolve all TypeScript and Svelte component type errors (svelte-check/ts checks must pass)

Files:

• src/routes/+layout.svelte
• src/convex/schema.ts
• src/convex/sync.ts
• src/convex/backups.ts
• src/lib/sync.ts
• src/lib/components/providers.svelte
• src/routes/backups/+page.svelte
• src/lib/components/settings.svelte
• src/convex/utils.ts
• src/routes/identify.svelte

**/*.{ts,js,svelte}

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Ensure all import paths are correct and case-sensitive

Files:

• src/routes/+layout.svelte
• src/convex/schema.ts
• src/convex/sync.ts
• src/convex/backups.ts
• src/lib/sync.ts
• src/lib/components/providers.svelte
• src/routes/backups/+page.svelte
• src/lib/components/settings.svelte
• src/convex/utils.ts
• src/routes/identify.svelte

**/*.*

⚙️ CodeRabbit configuration file

**/*.*: Do not correct spelling errors or grammar mistakes.

Files:

• src/routes/+layout.svelte
• src/convex/schema.ts
• src/convex/sync.ts
• src/convex/backups.ts
• src/lib/sync.ts
• src/lib/components/providers.svelte
• src/routes/backups/+page.svelte
• src/lib/components/settings.svelte
• src/convex/utils.ts
• src/routes/identify.svelte

🔇 Additional comments (3)

src/convex/schema.ts (1)

8-15: Switch 'user' FK from Convex Id to string — plan migration & update callers

• Backfill/migrate existing rows (convert stored Ids to strings) or accept that old rows will fail new-schema validation.
• Update call sites that assume Convex Id types: search for usages of _id, userId, user equality checks, and db.get/patch/insert that reference user.
• Verification: ripgrep found only commented references in src/convex/utils.ts, src/convex/backups.ts, src/convex/sync.ts and commented lines in src/routes/identify.svelte; regenerate Convex-generated types (src/convex/_generated/dataModel.d.ts) and manually confirm no runtime codepaths still expect Id<'users'>.

src/convex/sync.ts (1)

1-75: API removal: verify no remaining client call sites to api.sync.get/update

Found a commented client call and an import in src/lib/sync.ts — src/lib/sync.ts:2 (import { api } from '../convex/_generated/api'), src/lib/sync.ts:43 (// await client.mutation(api.sync.update, ...)). Remove/update these references or re-enable the endpoints; rg emitted "unrecognized file type: tsx" so run a full repo-wide search to be certain.

src/routes/+layout.svelte (1)

32-32: Import reorder OK — identify.svelte exists & no active Clerk imports

Found src/routes/identify.svelte; only commented Clerk references (clerkId at line 16, surrounding lines 14–18), no active Clerk imports/hooks detected.