feat(vercel): PR feedback changes

Author: 0ski

apps/webapp/app/components/integrations/VercelOnboardingModal.tsx

@@ -320,7 +320,6 @@ export function VercelOnboardingModal({
     if (state === "project-selection" && fetcher.data && "success" in fetcher.data && fetcher.data.success && fetcher.state === "idle") {
       setState("loading-env-mapping");
       if (onDataReload) {
-        console.log("Vercel onboarding: Reloading data after successful project selection to get updated project info and env vars");
         onDataReload();
       }
     } else if (fetcher.data && "error" in fetcher.data && typeof fetcher.data.error === "string") {

apps/webapp/app/models/vercelIntegration.server.ts

@@ -1,6 +1,5 @@
 import { Vercel } from "@vercel/sdk";
 import {
-  IntegrationService,
   Organization,
   OrganizationIntegration,
   SecretReference,
@@ -34,7 +33,7 @@ function extractEnvs(response: unknown): unknown[] {
 }
 
 function isVercelSecretType(type: string): boolean {
-  return type === "secret" || type === "sensitive";
+  return type === "secret" || type === "sensitive" || type === "encrypted";
 }
 
 function vercelApiError(message: string, context: Record<string, unknown>, error: unknown): VercelAPIResult<never> {

apps/webapp/app/presenters/v3/BranchesPresenter.server.ts

@@ -42,7 +42,7 @@ export type GitMetaLinks = {
   /** The git provider, e.g., `github` */
   provider?: string;
 
-  source?: "trigger_github_app" | "github_actions" | "local" | "trigger_vercel_app";
+  source?: "trigger_github_app" | "github_actions" | "local";
   ghUsername?: string;
   ghUserAvatarUrl?: string;
 };

apps/webapp/app/routes/_app.orgs.$organizationSlug.projects.$projectParam.env.$envParam.settings/route.tsx

@@ -50,6 +50,7 @@ import {
   VercelOnboardingModal,
   vercelResourcePath,
 } from "../resources.orgs.$organizationSlug.projects.$projectParam.env.$envParam.vercel";
+import type { loader as vercelLoader } from "../resources.orgs.$organizationSlug.projects.$projectParam.env.$envParam.vercel";
 import { OrgIntegrationRepository } from "~/models/orgIntegration.server";
 import { useTypedFetcher } from "remix-typedjson";
 
@@ -312,7 +313,7 @@ export default function Page() {
   const hasQueryParam = searchParams.get("vercelOnboarding") === "true";
   const nextUrl = searchParams.get("next");
   const [isModalOpen, setIsModalOpen] = useState(false);
-  const vercelFetcher = useTypedFetcher<any>();
+  const vercelFetcher = useTypedFetcher<typeof vercelLoader>();
 
   // Helper to open modal and ensure query param is present
   const openVercelOnboarding = useCallback(() => {

apps/webapp/app/routes/_app.orgs.$organizationSlug.settings.integrations.vercel.tsx

@@ -3,7 +3,7 @@ import type {
   LoaderFunctionArgs,
 } from "@remix-run/node";
 import { json, redirect } from "@remix-run/node";
-import { Form, useActionData, useLoaderData, useNavigation } from "@remix-run/react";
+import { Form, useActionData, useNavigation } from "@remix-run/react";
 import { typedjson, useTypedLoaderData } from "remix-typedjson";
 import { z } from "zod";
 import { DialogClose } from "@radix-ui/react-dialog";
@@ -20,7 +20,7 @@ import { FormButtons } from "~/components/primitives/FormButtons";
 import { Header1 } from "~/components/primitives/Headers";
 import { PageBody, PageContainer } from "~/components/layout/AppLayout";
 import { Paragraph } from "~/components/primitives/Paragraph";
-import { Table, TableBlankRow, TableBody, TableCell, TableHeader, TableHeaderCell, TableRow } from "~/components/primitives/Table";
+import { Table, TableBody, TableCell, TableHeader, TableHeaderCell, TableRow } from "~/components/primitives/Table";
 import { VercelIntegrationRepository } from "~/models/vercelIntegration.server";
 import { $transaction, prisma } from "~/db.server";
 import { requireOrganization } from "~/services/org.server";
@@ -123,6 +123,11 @@ export const action = async ({ request, params }: ActionFunctionArgs) => {
   const { organizationSlug } = OrganizationParamsSchema.parse(params);
   const { organization, userId } = await requireOrganization(request, organizationSlug);
 
+  const formData = await request.formData();
+  const result = ActionSchema.safeParse({ intent: formData.get("intent") });
+  if (!result.success) {
+    return json({ error: "Invalid action" }, { status: 400 });
+  }
 
   // Find Vercel integration
   const vercelIntegration = await prisma.organizationIntegration.findFirst({
@@ -347,11 +352,6 @@ export default function VercelIntegrationPage() {
                     </TableCell>
                   </TableRow>
                 ))}
-                {connectedProjects.length === 0 && (
-                  <TableBlankRow colSpan={4}>
-                    <Paragraph>No connected projects found.</Paragraph>
-                  </TableBlankRow>
-                )}
               </TableBody>
             </Table>
           )}

apps/webapp/app/routes/api.v1.orgs.$organizationSlug.projects.$projectParam.vercel.projects.ts

@@ -4,10 +4,8 @@ import { z } from "zod";
 import { prisma } from "~/db.server";
 import { apiCors } from "~/utils/apiCors";
 import { logger } from "~/services/logger.server";
+import { authenticateApiRequestWithPersonalAccessToken } from "~/services/personalAccessToken.server";
 import { VercelIntegrationService } from "~/services/vercelIntegration.server";
-import {
-  VercelProjectIntegrationDataSchema,
-} from "~/v3/vercel/vercelProjectIntegrationSchema";
 
 const ParamsSchema = z.object({
   organizationSlug: z.string(),
@@ -30,6 +28,15 @@ export async function loader({ request, params }: LoaderFunctionArgs) {
     return apiCors(request, json({}));
   }
 
+  const authenticationResult = await authenticateApiRequestWithPersonalAccessToken(request);
+
+  if (!authenticationResult) {
+    return apiCors(
+      request,
+      json({ error: "Invalid or Missing Access Token" }, { status: 401 })
+    );
+  }
+
   const parsedParams = ParamsSchema.safeParse(params);
   if (!parsedParams.success) {
     return apiCors(
@@ -41,12 +48,17 @@ export async function loader({ request, params }: LoaderFunctionArgs) {
   const { organizationSlug, projectParam } = parsedParams.data;
 
   try {
-    // Find the project
+    // Find the project, verifying org membership
     const project = await prisma.project.findFirst({
       where: {
         slug: projectParam,
         organization: {
           slug: organizationSlug,
+          members: {
+            some: {
+              userId: authenticationResult.userId,
+            },
+          },
         },
         deletedAt: null,
       },

apps/webapp/app/routes/auth.github.callback.tsx

@@ -5,8 +5,7 @@ import { getSession, redirectWithErrorMessage } from "~/models/message.server";
 import { authenticator } from "~/services/auth.server";
 import { setLastAuthMethodHeader } from "~/services/lastAuthMethod.server";
 import { commitSession } from "~/services/sessionStorage.server";
-import { getReferralSource, clearReferralSourceCookie } from "~/services/referralSource.server";
-import { telemetry } from "~/services/telemetry.server";
+import { trackAndClearReferralSource } from "~/services/referralSource.server";
 import { redirectCookie } from "./auth.github";
 import { sanitizeRedirectPath } from "~/utils";
 
@@ -56,25 +55,7 @@ export let loader: LoaderFunction = async ({ request }) => {
   headers.append("Set-Cookie", await commitSession(session));
   headers.append("Set-Cookie", await setLastAuthMethodHeader("github"));
 
-  const referralSource = await getReferralSource(request);
-  if (referralSource) {
-    const user = await prisma.user.findUnique({
-      where: { id: auth.userId },
-    });
-    if (user) {
-      const userAge = Date.now() - user.createdAt.getTime();
-      const isNewUser = userAge < 30 * 1000;
-      
-      if (isNewUser) {
-        telemetry.user.identify({
-          user,
-          isNewUser: true,
-          referralSource,
-        });
-      }
-    }
-    headers.append("Set-Cookie", await clearReferralSourceCookie());
-  }
+  await trackAndClearReferralSource(request, auth.userId, headers);
 
   return redirect(redirectTo, { headers });
 };

apps/webapp/app/routes/auth.google.callback.tsx

@@ -5,8 +5,7 @@ import { getSession, redirectWithErrorMessage } from "~/models/message.server";
 import { authenticator } from "~/services/auth.server";
 import { setLastAuthMethodHeader } from "~/services/lastAuthMethod.server";
 import { commitSession } from "~/services/sessionStorage.server";
-import { getReferralSource, clearReferralSourceCookie } from "~/services/referralSource.server";
-import { telemetry } from "~/services/telemetry.server";
+import { trackAndClearReferralSource } from "~/services/referralSource.server";
 import { redirectCookie } from "./auth.google";
 import { sanitizeRedirectPath } from "~/utils";
 
@@ -56,25 +55,7 @@ export let loader: LoaderFunction = async ({ request }) => {
   headers.append("Set-Cookie", await commitSession(session));
   headers.append("Set-Cookie", await setLastAuthMethodHeader("google"));
 
-  const referralSource = await getReferralSource(request);
-  if (referralSource) {
-    const user = await prisma.user.findUnique({
-      where: { id: auth.userId },
-    });
-    if (user) {
-      const userAge = Date.now() - user.createdAt.getTime();
-      const isNewUser = userAge < 30 * 1000;
-      
-      if (isNewUser) {
-        telemetry.user.identify({
-          user,
-          isNewUser: true,
-          referralSource,
-        });
-      }
-    }
-    headers.append("Set-Cookie", await clearReferralSourceCookie());
-  }
+  await trackAndClearReferralSource(request, auth.userId, headers);
 
   return redirect(redirectTo, { headers });
 };

apps/webapp/app/routes/login.mfa/route.tsx

@@ -26,9 +26,7 @@ import { MultiFactorAuthenticationService } from "~/services/mfa/multiFactorAuth
 import { redirectWithErrorMessage, redirectBackWithErrorMessage } from "~/models/message.server";
 import { ServiceValidationError } from "~/v3/services/baseService.server";
 import { checkMfaRateLimit, MfaRateLimitError } from "~/services/mfa/mfaRateLimiter.server";
-import { getReferralSource, clearReferralSourceCookie } from "~/services/referralSource.server";
-import { telemetry } from "~/services/telemetry.server";
-import { prisma } from "~/db.server";
+import { trackAndClearReferralSource } from "~/services/referralSource.server";
 
 export const meta: MetaFunction = ({ matches }) => {
   const parentMeta = matches
@@ -165,29 +163,9 @@ async function completeLogin(request: Request, session: Session, userId: string)
 
   const headers = new Headers();
   headers.append("Set-Cookie", await sessionStorage.commitSession(authSession));
+  headers.append("Set-Cookie", await commitSession(session));
 
-  // Read referral source cookie and set in PostHog if present (only for new users), then clear it
-  const referralSource = await getReferralSource(request);
-  if (referralSource) {
-    const user = await prisma.user.findUnique({
-      where: { id: userId },
-    });
-    if (user) {
-      // Only set referralSource for new users (created within the last 30 seconds)
-      const userAge = Date.now() - user.createdAt.getTime();
-      const isNewUser = userAge < 30 * 1000; // 30 seconds
-      
-      if (isNewUser) {
-        telemetry.user.identify({
-          user,
-          isNewUser: true,
-          referralSource,
-        });
-      }
-    }
-    // Clear the cookie after using it (regardless of whether we set it)
-    headers.append("Set-Cookie", await clearReferralSourceCookie());
-  }
+  await trackAndClearReferralSource(request, userId, headers);
 
   return redirect(redirectTo, { headers });
 }

apps/webapp/app/routes/magic.tsx

@@ -6,8 +6,7 @@ import { authenticator } from "~/services/auth.server";
 import { setLastAuthMethodHeader } from "~/services/lastAuthMethod.server";
 import { getRedirectTo } from "~/services/redirectTo.server";
 import { commitSession, getSession } from "~/services/sessionStorage.server";
-import { getReferralSource, clearReferralSourceCookie } from "~/services/referralSource.server";
-import { telemetry } from "~/services/telemetry.server";
+import { trackAndClearReferralSource } from "~/services/referralSource.server";
 
 export async function loader({ request }: LoaderFunctionArgs) {
   const redirectTo = await getRedirectTo(request);
@@ -55,28 +54,7 @@ export async function loader({ request }: LoaderFunctionArgs) {
   headers.append("Set-Cookie", await commitSession(session));
   headers.append("Set-Cookie", await setLastAuthMethodHeader("email"));
 
-  // Read referral source cookie and set in PostHog if present (only for new users), then clear it
-  const referralSource = await getReferralSource(request);
-  if (referralSource) {
-    const user = await prisma.user.findUnique({
-      where: { id: auth.userId },
-    });
-    if (user) {
-      // Only set referralSource for new users (created within the last 30 seconds)
-      const userAge = Date.now() - user.createdAt.getTime();
-      const isNewUser = userAge < 30 * 1000; // 30 seconds
-      
-      if (isNewUser) {
-        telemetry.user.identify({
-          user,
-          isNewUser: true,
-          referralSource,
-        });
-      }
-    }
-    // Clear the cookie after using it (regardless of whether we set it)
-    headers.append("Set-Cookie", await clearReferralSourceCookie());
-  }
+  await trackAndClearReferralSource(request, auth.userId, headers);
 
   return redirect(redirectTo ?? "/", { headers });
 }