WIP claude fix user login bugsnag

compwron · compwron · commit 479e59e7c998 · 2025-11-20T09:51:45.000-08:00
diff --git a/app/controllers/users/passwords_controller.rb b/app/controllers/users/passwords_controller.rb
@@ -47,6 +47,12 @@ def send_password
 
   def send_password_reset_mail
     @reset_token = @resource.send_reset_password_instructions # generate a reset token and call devise mailer
+  rescue Net::ReadTimeout, Net::OpenTimeout, Timeout::Error => e
+    # Log the error but don't expose it to the user for security reasons
+    Rails.logger.error("Password reset email failed to send: #{e.class} - #{e.message}")
+    Bugsnag.notify(e) if defined?(Bugsnag)
+    # Still generate a token so SMS can potentially work
+    @reset_token = @resource.generate_password_reset_token
   end
 
   def send_password_reset_sms
diff --git a/config/environments/production.rb b/config/environments/production.rb
@@ -15,7 +15,9 @@
     user_name: ENV["SENDINBLUE_EMAIL"],
     password: ENV["SENDINBLUE_PASSWORD"],
     authentication: "login",
-    enable_starttls_auto: true
+    enable_starttls_auto: true,
+    open_timeout: 5,  # Timeout for opening connection (seconds)
+    read_timeout: 5   # Timeout for reading response (seconds)
   }
   # Code is not reloaded between requests.
   config.enable_reloading = false
diff --git a/spec/requests/users/passwords_spec.rb b/spec/requests/users/passwords_spec.rb
@@ -122,6 +122,27 @@
         )
       end
     end
+
+    context "when email sending times out" do
+      let(:params) { {user: {email: user.email, phone_number: ""}} }
+
+      before do
+        allow_any_instance_of(User).to receive(:send_reset_password_instructions).and_raise(Net::ReadTimeout)
+      end
+
+      it "handles the timeout gracefully and still shows success message" do
+        expect(Rails.logger).to receive(:error).with(/Password reset email failed to send/)
+        request
+        expect(flash[:notice]).to(
+          eq("If the account exists you will receive an email or SMS with instructions on how to reset your password in a few minutes.")
+        )
+      end
+
+      it "does not crash the request" do
+        expect { request }.not_to raise_error
+        expect(response).to redirect_to(user_session_url)
+      end
+    end
   end
 
   describe "PUT /update" do
