@smokeyScraper smokeyScraper commented Jun 16, 2025

Attached Interactions

[Three screenshots attached: "Screenshot 2025-06-17 000647", "Screenshot 2025-06-17 000659", "image"]

Summary by CodeRabbit

  • New Features
    • Added a new Discord command to verify GitHub accounts via OAuth, providing users with an interactive authentication button.
    • Introduced a Discord UI view that displays an OAuth button for seamless authentication.
  • Enhancements
    • Updated configuration to include dedicated fields for Supabase connection settings with enforced validation.
    • Improved authentication flow by making OAuth login and logout processes asynchronous for better responsiveness.

coderabbitai bot commented Jun 16, 2025

Walkthrough

The changes introduce explicit Supabase configuration fields, refactor Supabase client initialization to use a centralized settings class, and update Supabase OAuth authentication functions to be asynchronous. Discord bot functionality is expanded with a new GitHub verification command, which utilizes a new interactive OAuth button view for user authentication.

Changes

| File(s) | Change Summary |
| --- | --- |
| backend/app/core/config.py | Added required supabase_url and supabase_key fields with validation to the Settings class. |
| backend/app/db/supabase/auth.py | Converted OAuth login/logout functions to async; removed redirect URL option; updated function signatures. |
| backend/app/db/supabase/supabase_client.py | Refactored to load Supabase credentials from the centralized Settings class instead of environment variables. |
| backend/bots/discord/discord_cogs.py | Added verify_github async command; integrated GitHub OAuth login; updated help embed; added logging and OAuth button view. |
| backend/bots/discord/discord_views.py | Added OAuthView class to provide an interactive OAuth button in Discord UI. |

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant DiscordBot
    participant SupabaseAuth

    User->>DiscordBot: !verify_github command
    DiscordBot->>SupabaseAuth: login_with_github()
    SupabaseAuth-->>DiscordBot: OAuth URL
    DiscordBot->>User: Sends embed with OAuth button (OAuthView)
    User->>SupabaseAuth: Clicks button, authenticates with GitHub

Poem

In fields of code where rabbits hop,
Supabase secrets now on top!
Discord bots with buttons bright,
Guide users through OAuth’s light.
Async flows and tidy views—
A bunny’s work, fresh as the dew.
🐇✨

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 3

🔭 Outside diff range comments (2)
backend/bots/discord/discord_cogs.py (1)

48-74: login_with_github() is synchronous under the hood – it will block the event-loop

supabase_client.auth.sign_in_with_oauth is a blocking HTTP call. Wrapping it in an async def without off-loading still freezes the bot while waiting.

-            oauth_result = await login_with_github()
+            oauth_result = await asyncio.to_thread(login_with_github)
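
Review bot: On the `+` line, `asyncio.to_thread(login_with_github)` will not run the login if `login_with_github` is still declared `async def`, as the change summary for auth.py says it now is: the worker thread only calls the function, gets back a coroutine object, and `oauth_result` ends up holding that un-awaited coroutine. Make `login_with_github` a plain `def` before wrapping it here, or keep `await login_with_github()` and put the `to_thread` around the `sign_in_with_oauth` call inside it.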

(Requires import asyncio).

Alternatively, move the HTTP call itself into asyncio.to_thread inside login_with_oauth.
Without this, the bot cannot process other events during the network round-trip.

backend/app/db/supabase/auth.py (1)

21-27: Same blocking issue for logout

sign_out is also synchronous – wrap in asyncio.to_thread to avoid blocking, and chain the exception.

🧹 Nitpick comments (2)
backend/bots/discord/discord_views.py (1)

6-16: Minor: mark the OAuth message as user-only to avoid link leaking

ctx.send(..., view=view) in the cog sends a public message in guild channels, so anybody could click the generated OAuth URL.
Consider setting the message to ephemeral for slash-commands or DM the user to restrict visibility.

No code change required here (handled at the command call-site) – just flagging the risk.

backend/bots/discord/discord_cogs.py (1)

58-66: Use ephemeral=True to keep the verification link private

Anyone in the channel can press the link button. If you intend the link to be user-specific, send it as an ephemeral interaction response or DM.

-            await ctx.send(embed=embed, view=view)
+            await ctx.author.send(embed=embed, view=view)
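
Review bot: The `+` line swaps the channel message for `ctx.author.send(...)` without handling a failed DM. discord.py raises `discord.Forbidden` when the member does not accept direct messages from the bot, so the command should catch that and reply in the channel with instructions only, not with the OAuth link. The heading's `ephemeral=True` is also not available on this path, since ephemeral responses exist only for interaction (slash-command) replies.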

(This is just one option; slash-commands with ctx.respond(ephemeral=True, …) work too.)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3354281 and 80b22db.

📒 Files selected for processing (5)
  • backend/app/core/config.py (1 hunks)
  • backend/app/db/supabase/auth.py (1 hunks)
  • backend/app/db/supabase/supabase_client.py (1 hunks)
  • backend/bots/discord/discord_cogs.py (2 hunks)
  • backend/bots/discord/discord_views.py (1 hunks)
🧰 Additional context used
🧬 Code Graph Analysis (1)
backend/app/db/supabase/supabase_client.py (1)
backend/app/core/config.py (1)
  • Settings (6-36)
🪛 Pylint (3.3.7)
backend/bots/discord/discord_views.py

[refactor] 3-3: Too few public methods (0/2)

(R0903)

🪛 Ruff (0.11.9)
backend/app/db/supabase/auth.py

10-10: Within an except clause, raise exceptions with raise ... from err or raise ... from None to distinguish them from errors in exception handling

(B904)

Comment on lines 1 to 6
from app.core.config import Settings
from supabase import create_client

load_dotenv()
settings = Settings()

SUPABASE_URL = os.getenv("SUPABASE_URL")
SUPABASE_KEY = os.getenv("SUPABASE_KEY")

if SUPABASE_URL is None or SUPABASE_KEY is None:
raise ValueError("SUPABASE_URL and SUPABASE_KEY must be set in environment variables.")
SUPABASE_URL = settings.supabase_url
SUPABASE_KEY = settings.supabase_key

🛠️ Refactor suggestion

Reuse the singleton settings object and fail fast when credentials are missing

A second Settings() instantiation does IO and may silently pick up different env values than the global instance in core.config. It also allows the app to continue with empty creds.

-from app.core.config import Settings
+from app.core.config import settings
@@
-settings = Settings()
-
-SUPABASE_URL = settings.supabase_url
-SUPABASE_KEY = settings.supabase_key
+SUPABASE_URL = settings.supabase_url
+SUPABASE_KEY = settings.supabase_key
+
+if not SUPABASE_URL or not SUPABASE_KEY:
+    raise RuntimeError("Supabase URL / Key not configured – check environment variables")
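
Review bot: The added `if not SUPABASE_URL or not SUPABASE_KEY` check repeats validation that, per the change summary for config.py, the `Settings` class already enforces on `supabase_url` and `supabase_key`, so the same misconfiguration can surface as two different exceptions depending on which runs first. Keep the check in one place; if it stays here as a defensive guard, say so in a comment. The new import also depends on `app.core.config` exposing a module-level `settings` instance, which the replaced line (importing the `Settings` class) does not show.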

This keeps configuration consistent and surfaces deployment errors immediately.

🤖 Prompt for AI Agents
In backend/app/db/supabase/supabase_client.py lines 1 to 8, avoid creating a new
Settings() instance locally; instead, import and reuse the existing singleton
Settings object from app.core.config to ensure consistent configuration. Add a
check right after loading SUPABASE_URL and SUPABASE_KEY to verify they are not
empty or None, and if they are, raise an error immediately to fail fast and
prevent the app from running with missing credentials.
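
The event-loop blocking that the review above raises for `login_with_github` and `sign_out` can be measured directly. This is an added example, not code from the PR or from the Supabase or Discord libraries: `sign_in_blocking` is a constructed stand-in for the synchronous HTTP call, and every other name is hypothetical.

```python
import asyncio
import time

def sign_in_blocking(delay=0.3):
    # Constructed stand-in for a synchronous HTTP call; not the Supabase SDK.
    time.sleep(delay)
    return {"url": "https://auth.example.invalid/authorize?provider=github"}

async def login_blocking():
    # "async" in name only: the sleep runs on the event-loop thread.
    return sign_in_blocking()

async def login_offloaded():
    # The blocking call runs in a worker thread, so the loop keeps scheduling.
    return await asyncio.to_thread(sign_in_blocking)

async def _run_with_heartbeat(login, tick=0.01):
    worst = 0.0
    done = asyncio.Event()

    async def heartbeat():
        # Records the longest gap between two consecutive wake-ups.
        nonlocal worst
        last = time.perf_counter()
        while not done.is_set():
            await asyncio.sleep(tick)
            now = time.perf_counter()
            worst = max(worst, now - last)
            last = now

    task = asyncio.create_task(heartbeat())
    await asyncio.sleep(0)          # let the heartbeat take its first timestamp
    result = await login()
    done.set()
    await task
    return result, worst

def measure(login):
    """Return (login result, longest event-loop stall in seconds)."""
    return asyncio.run(_run_with_heartbeat(login))

def to_thread_on_async_def():
    """Show what to_thread hands back when given a coroutine function."""
    async def probe():
        obj = await asyncio.to_thread(login_blocking)
        is_coroutine = asyncio.iscoroutine(obj)
        obj.close()                 # it was never run; close it explicitly
        return is_coroutine
    return asyncio.run(probe())
```

`measure(login_blocking)` reports a stall of roughly the full call duration, while `measure(login_offloaded)` stays near the heartbeat interval. `to_thread_on_async_def()` returns `True` because passing an `async def` to `asyncio.to_thread` yields a coroutine object that never ran.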

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 0

🧹 Nitpick comments (3)
backend/bots/discord/discord_views.py (2)

6-17: Consider disabling the view after timeout to avoid stale interaction surfaces

The View lives for 5 minutes (timeout=300) but nothing resets/edits the original message once the view expires.
Although the button is a pure link (no callback), Discord will grey-out UI elements automatically only if the bot edits the message and sets view=None. Without that, users keep seeing a seemingly-live “Connect …” button that now does nothing, which is a minor UX snag.

Optional quick fix (inside the cog after ctx.send(embed=..., view=view)):

msg = await ctx.send(embed=embed, view=view)
await view.wait()              # waits until timeout
await msg.edit(view=None)      # disables the button after 5 min

(Or override on_timeout in the view and call the same edit.)


11-15: Basic URL sanity-check could prevent accidental malformed links

oauth_url is injected straight into a link button. If upstream auth code ever returns an empty string or a malformed URL, users will click a broken link.
A minimal guard inside __init__ keeps debugging noise low:

-        self.oauth_url = oauth_url
+        if not oauth_url.startswith(("http://", "https://")):  # very small check
+            raise ValueError("oauth_url must be an absolute http(s) URL")
+        self.oauth_url = oauth_url
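
Review bot: The `startswith(("http://", "https://"))` test in the first `+` line accepts cleartext `http://` for a link that starts an OAuth login; accept only `https://`. It also passes a bare `https://` with no host, and raises `AttributeError` rather than the intended `ValueError` when `oauth_url` is `None`, so parsing with `urllib.parse.urlsplit` and checking `scheme == "https"` plus a non-empty `hostname` would cover the cases the comment describes.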
backend/app/core/config.py (1)

35-41: Validator leaks no secret but could tighten type/length guarantees

The field_validator successfully blocks empty strings.
If you want stricter compile-time guarantees (and auto-docs), consider Pydantic’s constr to enforce non-empty values without a custom validator:

-    supabase_url: str
-    supabase_key: str
+    from pydantic import constr
+
+    supabase_url: constr(min_length=1)
+    supabase_key: constr(min_length=1)
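
Review bot: The `from pydantic import constr` line is added at field indentation, which places the import inside the `Settings` class body between its attributes; move it to the module's imports. Since the file already uses `field_validator` (Pydantic v2), `Annotated[str, StringConstraints(min_length=1)]` is the form v2 documents in preference to `constr(...)` as a type annotation. `min_length=1` also still accepts a whitespace-only value unless `strip_whitespace=True` is set.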

This removes the need for _not_empty, keeps the error message compact, and slightly speeds up validation.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 80b22db and 7236056.

📒 Files selected for processing (5)
  • backend/app/core/config.py (3 hunks)
  • backend/app/db/supabase/auth.py (1 hunks)
  • backend/app/db/supabase/supabase_client.py (1 hunks)
  • backend/bots/discord/discord_cogs.py (2 hunks)
  • backend/bots/discord/discord_views.py (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (3)
  • backend/app/db/supabase/supabase_client.py
  • backend/bots/discord/discord_cogs.py
  • backend/app/db/supabase/auth.py
🧰 Additional context used
🪛 Pylint (3.3.7)
backend/bots/discord/discord_views.py

[refactor] 3-3: Too few public methods (0/2)

(R0903)

🔇 Additional comments (1)
backend/app/core/config.py (1)

18-21: 👍 Mandatory Supabase credentials – good fail-fast move

Making both supabase_url and supabase_key required solves the silent-mis-configuration issue raised earlier.
No further remarks here.

@smokeyScraper
Contributor Author

@chandansgowda, could you please review and merge?

@chandansgowda chandansgowda merged commit 8d877d2 into AOSSIE-Org:main Jun 18, 2025
1 check passed