feat(auth): implement ProtectedRoute with signup completion checks (#1236)

* feat(auth): implement ProtectedRoute with signup completion checks

- Added ProtectedRoute component to manage user authentication and redirect logic based on signup completion status.
- Integrated useAuthCheck and useHasCompletedSignup hooks to determine user state and redirect to appropriate routes.
- Created unit tests for ProtectedRoute to validate redirect behavior for authenticated and unauthenticated users.
- Updated routing constants to include ONBOARDING path for better navigation handling.
- Enhanced onboarding flow to ensure users are guided correctly based on their signup status.

* refactor(auth): simplify ProtectedRoute tests and enhance loading state handling

- Removed the renderWithRouter utility in ProtectedRoute tests, directly using the render function for clarity.
- Added a new test case to ensure that the ProtectedRoute does not redirect when hasCompletedSignup is null, addressing the loading state scenario.
- Updated ProtectedRoute component to wait for hasCompletedSignup to be determined before performing any redirects, improving user experience during authentication checks.

Author: tyler-dane

packages/web/src/auth/ProtectedRoute.test.tsx

@@ -0,0 +1,216 @@
+import "@testing-library/jest-dom";
+import { waitFor } from "@testing-library/react";
+import { render } from "@web/__tests__/__mocks__/mock.render";
+import { AUTH_FAILURE_REASONS } from "@web/common/constants/auth.constants";
+import { ROOT_ROUTES } from "@web/common/constants/routes";
+import { STORAGE_KEYS } from "@web/common/constants/storage.constants";
+import { ProtectedRoute } from "./ProtectedRoute";
+import { useAuthCheck } from "./useAuthCheck";
+import { useHasCompletedSignup } from "./useHasCompletedSignup";
+
+// Mock dependencies
+jest.mock("./useAuthCheck");
+jest.mock("./useHasCompletedSignup");
+
+const mockUseAuthCheck = useAuthCheck as jest.MockedFunction<
+  typeof useAuthCheck
+>;
+const mockUseHasCompletedSignup = useHasCompletedSignup as jest.MockedFunction<
+  typeof useHasCompletedSignup
+>;
+
+// Mock navigate function
+const mockNavigate = jest.fn();
+
+jest.mock("react-router-dom", () => ({
+  ...jest.requireActual("react-router-dom"),
+  useNavigate: () => mockNavigate,
+}));
+
+describe("ProtectedRoute", () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+    mockNavigate.mockClear();
+    localStorage.clear();
+  });
+
+  describe("Redirect Logic", () => {
+    it("redirects to /onboarding when not authenticated and hasCompletedSignup is false", async () => {
+      mockUseAuthCheck.mockReturnValue({
+        isAuthenticated: false,
+        isCheckingAuth: false,
+        isGoogleTokenActive: false,
+        isSessionActive: false,
+      });
+      mockUseHasCompletedSignup.mockReturnValue({
+        hasCompletedSignup: false,
+        markSignupCompleted: jest.fn(),
+      });
+
+      render(
+        <ProtectedRoute>
+          <div>Protected Content</div>
+        </ProtectedRoute>,
+      );
+
+      await waitFor(() => {
+        expect(mockNavigate).toHaveBeenCalledWith(ROOT_ROUTES.ONBOARDING);
+      });
+    });
+
+    it("redirects to /login when not authenticated and hasCompletedSignup is true (Google token expired)", async () => {
+      mockUseAuthCheck.mockReturnValue({
+        isAuthenticated: false,
+        isCheckingAuth: false,
+        isGoogleTokenActive: false,
+        isSessionActive: false,
+      });
+      mockUseHasCompletedSignup.mockReturnValue({
+        hasCompletedSignup: true,
+        markSignupCompleted: jest.fn(),
+      });
+
+      render(
+        <ProtectedRoute>
+          <div>Protected Content</div>
+        </ProtectedRoute>,
+      );
+
+      await waitFor(() => {
+        expect(mockNavigate).toHaveBeenCalledWith(
+          `${ROOT_ROUTES.LOGIN}?reason=${AUTH_FAILURE_REASONS.GAUTH_SESSION_EXPIRED}`,
+        );
+      });
+    });
+
+    it("redirects to /login when not authenticated and hasCompletedSignup is true (user session expired)", async () => {
+      mockUseAuthCheck.mockReturnValue({
+        isAuthenticated: false,
+        isCheckingAuth: false,
+        isGoogleTokenActive: true,
+        isSessionActive: false,
+      });
+      mockUseHasCompletedSignup.mockReturnValue({
+        hasCompletedSignup: true,
+        markSignupCompleted: jest.fn(),
+      });
+
+      render(
+        <ProtectedRoute>
+          <div>Protected Content</div>
+        </ProtectedRoute>,
+      );
+
+      await waitFor(() => {
+        expect(mockNavigate).toHaveBeenCalledWith(
+          `${ROOT_ROUTES.LOGIN}?reason=${AUTH_FAILURE_REASONS.USER_SESSION_EXPIRED}`,
+        );
+      });
+    });
+
+    it("does not redirect when authenticated", async () => {
+      mockUseAuthCheck.mockReturnValue({
+        isAuthenticated: true,
+        isCheckingAuth: false,
+        isGoogleTokenActive: true,
+        isSessionActive: true,
+      });
+      mockUseHasCompletedSignup.mockReturnValue({
+        hasCompletedSignup: true,
+        markSignupCompleted: jest.fn(),
+      });
+
+      const { getByText } = render(
+        <ProtectedRoute>
+          <div>Protected Content</div>
+        </ProtectedRoute>,
+      );
+
+      await waitFor(() => {
+        expect(getByText("Protected Content")).toBeInTheDocument();
+      });
+
+      expect(mockNavigate).not.toHaveBeenCalled();
+    });
+
+    it("does not redirect when hasCompletedSignup is null (loading state)", async () => {
+      mockUseAuthCheck.mockReturnValue({
+        isAuthenticated: false,
+        isCheckingAuth: false,
+        isGoogleTokenActive: false,
+        isSessionActive: false,
+      });
+      mockUseHasCompletedSignup.mockReturnValue({
+        hasCompletedSignup: null,
+        markSignupCompleted: jest.fn(),
+      });
+
+      render(
+        <ProtectedRoute>
+          <div>Protected Content</div>
+        </ProtectedRoute>,
+      );
+
+      // Wait a bit to ensure redirect doesn't happen
+      await new Promise((resolve) => setTimeout(resolve, 100));
+
+      // Should not redirect while loading
+      expect(mockNavigate).not.toHaveBeenCalled();
+    });
+  });
+
+  describe("localStorage Integration", () => {
+    it("checks localStorage for hasCompletedSignup when determining redirect", async () => {
+      localStorage.setItem(STORAGE_KEYS.HAS_COMPLETED_SIGNUP, "true");
+
+      mockUseAuthCheck.mockReturnValue({
+        isAuthenticated: false,
+        isCheckingAuth: false,
+        isGoogleTokenActive: false,
+        isSessionActive: false,
+      });
+      mockUseHasCompletedSignup.mockReturnValue({
+        hasCompletedSignup: true,
+        markSignupCompleted: jest.fn(),
+      });
+
+      render(
+        <ProtectedRoute>
+          <div>Protected Content</div>
+        </ProtectedRoute>,
+      );
+
+      await waitFor(() => {
+        expect(mockUseHasCompletedSignup).toHaveBeenCalled();
+        expect(mockNavigate).toHaveBeenCalledWith(
+          expect.stringContaining(ROOT_ROUTES.LOGIN),
+        );
+      });
+    });
+
+    it("redirects to /onboarding when localStorage indicates user hasn't completed signup", async () => {
+      localStorage.setItem(STORAGE_KEYS.HAS_COMPLETED_SIGNUP, "false");
+
+      mockUseAuthCheck.mockReturnValue({
+        isAuthenticated: false,
+        isCheckingAuth: false,
+        isGoogleTokenActive: false,
+        isSessionActive: false,
+      });
+      mockUseHasCompletedSignup.mockReturnValue({
+        hasCompletedSignup: false,
+        markSignupCompleted: jest.fn(),
+      });
+
+      render(
+        <ProtectedRoute>
+          <div>Protected Content</div>
+        </ProtectedRoute>,
+      );
+
+      await waitFor(() => {
+        expect(mockNavigate).toHaveBeenCalledWith(ROOT_ROUTES.ONBOARDING);
+      });
+    });
+  });
+});

packages/web/src/auth/ProtectedRoute.tsx

@@ -4,30 +4,44 @@ import { AUTH_FAILURE_REASONS } from "@web/common/constants/auth.constants";
 import { ROOT_ROUTES } from "@web/common/constants/routes";
 import { AbsoluteOverflowLoader } from "@web/components/AbsoluteOverflowLoader";
 import { useAuthCheck } from "./useAuthCheck";
+import { useHasCompletedSignup } from "./useHasCompletedSignup";
 
 export const ProtectedRoute = ({ children }: { children: ReactNode }) => {
   const navigate = useNavigate();
 
   const { isAuthenticated, isCheckingAuth, isGoogleTokenActive } =
     useAuthCheck();
+  const { hasCompletedSignup } = useHasCompletedSignup();
 
   useEffect(() => {
     const handleAuthCheck = () => {
       if (isAuthenticated === false) {
-        if (isGoogleTokenActive === false) {
-          navigate(
-            `${ROOT_ROUTES.LOGIN}?reason=${AUTH_FAILURE_REASONS.GAUTH_SESSION_EXPIRED}`,
-          );
+        // Wait for hasCompletedSignup to be determined (not null) before redirecting
+        if (hasCompletedSignup === null) {
+          return;
+        }
+
+        // Check if user has completed signup to determine redirect destination
+        if (hasCompletedSignup === true) {
+          // User has completed signup before, redirect to /login
+          if (isGoogleTokenActive === false) {
+            navigate(
+              `${ROOT_ROUTES.LOGIN}?reason=${AUTH_FAILURE_REASONS.GAUTH_SESSION_EXPIRED}`,
+            );
+          } else {
+            navigate(
+              `${ROOT_ROUTES.LOGIN}?reason=${AUTH_FAILURE_REASONS.USER_SESSION_EXPIRED}`,
+            );
+          }
         } else {
-          navigate(
-            `${ROOT_ROUTES.LOGIN}?reason=${AUTH_FAILURE_REASONS.USER_SESSION_EXPIRED}`,
-          );
+          // User hasn't completed signup, redirect to /onboarding
+          navigate(ROOT_ROUTES.ONBOARDING);
         }
       }
     };
 
     void handleAuthCheck();
-  }, [isAuthenticated, isGoogleTokenActive, navigate]);
+  }, [isAuthenticated, isGoogleTokenActive, hasCompletedSignup, navigate]);
 
   return (
     <>

packages/web/src/common/constants/routes.ts

@@ -2,6 +2,7 @@ export const ROOT_ROUTES = {
   API: "/api",
   LOGIN: "/login",
   LOGOUT: "/logout",
+  ONBOARDING: "/onboarding",
   ROOT: "/",
   DAY: "/day",
   NOW: "/now",

packages/web/src/views/CmdPalette/CmdPalette.tsx

@@ -1,4 +1,4 @@
-import React, { useEffect, useState } from "react";
+import { useEffect, useState } from "react";
 import CommandPalette, {
   filterItems,
   getItemIndex,
@@ -149,6 +149,12 @@ const CmdPalette = ({
             },
           },
 
+          {
+            id: "redo-onboarding",
+            children: "Re-do onboarding",
+            icon: "ArrowPathIcon",
+            onClick: () => window.open(ROOT_ROUTES.ONBOARDING, "_blank"),
+          },
           {
             id: "log-out",
             children: "Log Out [z]",