Improve login and signup error feedback for better user experience

[anishghanwat]

Description

This PR improves error feedback on both the login and signup pages. Users now see clear, user-friendly messages for common issues such as invalid credentials, missing accounts, unverified emails, weak passwords, and network errors. This enhances the user experience and accessibility.

Fixes: No specific issue, but addresses user confusion on failed login and signup attempts.

Type of change

• Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

• Tried logging in with invalid credentials (shows “Invalid email or password. Please try again.”)
• Tried logging in with a non-existent email (shows “No account found with this email.”)
• Disconnected network and tried login (shows fallback error message)
• Tried signing up with an existing email, weak password, and network issues (shows appropriate messages)
• Confirmed no new warnings in the console

Test Configuration:

• Node version: 18.16.0
• Browser: Chrome 125
• Operating System: Windows 10

Screenshots (if applicable)

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream modules

Additional context

This PR improves the user experience for failed logins and signups, helping users understand what went wrong and reducing confusion and support requests.

Summary by CodeRabbit

• New Features

  • Introduced snapping functionality in the timeline editor, including a SnapIndicator, snapping controls, and snapping to playhead or element edges.
  • Added a detailed Roadmap page to the app, accessible from the footer.
  • Added Discord link and Roadmap to the footer's resources.

• Enhancements

  • Improved error messages for login and sign-up to be more user-friendly.
  • Media and text items can now be added directly to the timeline at the current playback time from the media panel.
  • Timeline elements for images and videos now use tiled backgrounds for better visual representation.
  • Added a toggle for snapping in the timeline toolbar.

• Bug Fixes

  • Updated tooltip color scheme for better readability.
  • Fixed removal of real-time waitlist count from the landing page.

• Chores

  • Centralized and validated environment variable management using new env and keys modules.
  • Removed Google OAuth environment variables and documentation.
  • Updated dependencies and added new packages for environment and markdown support.

• Database

  • Updated database schema and migration to set default email verification status and added a new schema snapshot.

• Documentation

  • Added Vercel OSS Program badge to README.
  • Updated contributing guide and .env.example to reflect removal of Google OAuth variables.

• Refactor

  • Refactored timeline store and environment variable access for improved maintainability and consistency.

[netlify]

👷 Deploy request for appcut pending review.

Visit the deploys page to approve it

Name	Link
🔨 Latest commit	cfddc15

[vercel]

@anishghanwat is attempting to deploy a commit to the OpenCut OSS Team on Vercel.

A member of the Team first needs to authorize it.

[coderabbitai]

Walkthrough

This update introduces a centralized, type-safe environment variable management system across the codebase using @t3-oss/env and custom keys() functions. It removes Google OAuth support and related environment variables, updates authentication and database configuration to use the new env system, adds timeline snapping functionality in the editor, improves error messaging for login and signup, and enhances the UI with a roadmap page, Discord footer link, and visual timeline improvements.

Changes

Files/Paths	Change Summary
.github/CONTRIBUTING.md, README.md, apps/web/.env.example, docker-compose.yaml	Removed Google OAuth environment variable documentation and usage.
apps/web/drizzle.config.ts, apps/web/src/env.ts, apps/web/src/lib/rate-limit.ts, apps/web/src/middleware.ts, packages/db/drizzle.config.ts, packages/db/src/index.ts, packages/db/src/keys.ts, packages/db/package.json, packages/auth/src/keys.ts, packages/auth/package.json, packages/auth/src/server.ts, packages/auth/src/client.ts, packages/auth/src/index.ts	Refactored to use centralized, type-safe environment variable management with @t3-oss/env and keys() functions. Added new env modules and updated config, DB, and auth code.
apps/web/package.json, packages/auth/package.json, packages/db/package.json	Added dependencies for environment management (@t3-oss/env-nextjs, zod), updated Next.js and other dependencies, added new export paths.
apps/web/migrations/0002_cuddly_pretty_boy.sql, apps/web/migrations/meta/0002_snapshot.json, apps/web/migrations/meta/_journal.json	Added a migration and schema snapshot for setting default value of email_verified to false in the users table.
apps/web/src/app/layout.tsx, apps/web/src/components/development-debug.tsx	Removed the DevelopmentDebug development-only component and its usage from the app layout.
apps/web/src/app/metadata.ts	Updated Open Graph and Twitter image URLs in metadata.
apps/web/src/app/page.tsx, apps/web/src/components/landing/hero.tsx	Removed waitlist signup count logic and prop from the home page and hero component.
apps/web/src/app/roadmap/page.tsx	Added a new Roadmap page with markdown-rendered milestones and contribution links.
apps/web/src/components/footer.tsx	Added Discord link and Roadmap link to the footer.
apps/web/src/components/editor/media-panel/views/media.tsx, apps/web/src/components/editor/media-panel/views/text.tsx, apps/web/src/components/ui/draggable-item.tsx	Improved drag-and-drop for media/text, added direct "Add to timeline" button/callback.
apps/web/src/components/editor/snap-indicator.tsx, apps/web/src/hooks/use-timeline-snapping.ts, apps/web/src/components/editor/timeline-playhead.tsx, apps/web/src/components/editor/timeline-track.tsx, apps/web/src/components/editor/timeline.tsx, apps/web/src/constants/timeline-constants.ts, apps/web/src/stores/timeline-store.ts	Introduced timeline snapping: new snapping state, UI indicator, snapping logic, toolbar toggle, and store actions for snapping and element addition.
apps/web/src/components/editor/timeline-element.tsx	Updated timeline element rendering to use tiled backgrounds for images and videos.
apps/web/src/components/ui/tooltip.tsx	Changed tooltip color scheme.
apps/web/src/hooks/auth/useLogin.ts, apps/web/src/hooks/auth/useSignUp.ts	Improved error handling with user-friendly error message mapping for login and signup.

Sequence Diagram(s)

Timeline Snapping Feature (High-Level)

sequenceDiagram
    participant User
    participant Timeline
    participant TimelineStore
    participant useTimelineSnapping
    participant SnapIndicator

    User->>Timeline: Drag timeline element
    Timeline->>TimelineStore: Get snappingEnabled, dragState
    Timeline->>useTimelineSnapping: snapElementPosition(...)
    useTimelineSnapping-->>Timeline: { snappedTime, snapPoint }
    Timeline->>SnapIndicator: Show snap indicator (if snapPoint)
    Timeline->>TimelineStore: Add element at snapped position (if dropped)

Loading

Centralized Environment Variable Access

sequenceDiagram
    participant AppCode
    participant keys() / env
    participant @t3-oss/env
    participant process.env

    AppCode->>keys() / env: Import and call for config
    keys() / env->>@t3-oss/env: Validate env vars with schema
    @t3-oss/env->>process.env: Read raw env vars
    @t3-oss/env-->>keys() / env: Return validated config
    keys() / env-->>AppCode: Provide typed config values

Loading

Possibly related PRs

• OpenCut-app/OpenCut#275: Adds a Discord link to the footer, matching the new Discord link added in this PR.
• OpenCut-app/OpenCut#274: Alters the "users" table and updates the schema snapshot, directly related to the migration changes here.
• OpenCut-app/OpenCut#272: Refactors environment variable access to use centralized management, closely related to the env refactor in this PR.

Poem

A rabbit hops through fields of code,
Centralized envs now safely bestowed.
Snapping on timelines, elements align,
Roadmaps and Discord—community signs!
Old OAuth secrets now left behind,
With friendly errors, users won’t mind.
🐇✨ Hop, hop, hooray—what a fine deploy day!

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🔭 Outside diff range comments (2)

apps/web/src/hooks/auth/useSignUp.ts (1)

55-69: Remove or Disable Google Sign-Up to Match Server Configuration

The server no longer supports Google OAuth (packages/auth/src/server.ts has no “google” provider), yet the client hook still calls signIn.social({ provider: "google" }). This mismatch will throw at runtime.

Please update the client to align with server capabilities:

• File: apps/web/src/hooks/auth/useSignUp.ts
Lines: ~55–69
– Remove or guard the handleGoogleSignUp callback.
– Remove “Google” from any UI sign-up options and the signIn.social provider list.

If you intend to keep Google OAuth, re-add the “google” provider configuration in packages/auth/src/server.ts instead.

packages/auth/src/server.ts (1)

13-22: Action Needed: Sync Google OAuth Changes Between Server and Frontend

The server’s Google OAuth configuration has been removed, but the frontend still calls handleGoogleSignUp, leading to a broken signup flow. Please choose one of the following:

1. Remove Google signup from the frontend

   • apps/web/src/hooks/auth/useSignUp.ts
     • Delete the handleGoogleSignUp callback and related isGoogleLoading state.
   • apps/web/src/app/(auth)/signup/page.tsx
     • Remove the Google signup <Button> and any props tied to handleGoogleSignUp or isGoogleLoading.

2. Restore Google OAuth on the server

   • Re-add the Google provider settings in packages/auth/src/server.ts to match the existing frontend implementation.

🧹 Nitpick comments (7)

apps/web/drizzle.config.ts (1)

6-10: Potential redundancy with dotenv loading.

Since you're now using a centralized environment system that likely handles environment variable loading, the manual dotenv.config() calls might be redundant or could potentially conflict with the centralized system.

Consider verifying if the centralized env system already handles loading the appropriate environment files, and if so, remove the manual dotenv configuration:

-// Load the right env file based on environment
-if (env.NODE_ENV === "production") {
-  dotenv.config({ path: ".env.production" });
-} else {
-  dotenv.config({ path: ".env.local" });
-}

packages/db/drizzle.config.ts (1)

8-12: Potential redundancy with dotenv loading.

Similar to the web app's drizzle config, the manual dotenv.config() calls might be redundant since the centralized environment system likely handles environment file loading.

Consider verifying if the centralized env system already handles loading the appropriate environment files, and if so, remove the manual dotenv configuration:

-// Load the right env file based on environment
-if (NODE_ENV === "production") {
-  dotenv.config({ path: ".env.production" });
-} else {
-  dotenv.config({ path: ".env.local" });
-}

apps/web/src/env.ts (1)

19-19: Consider adding client environment variables if needed.

The client environment object is currently empty. If the web app requires any client-side environment variables in the future, they should be added here to maintain the centralized configuration pattern.

apps/web/src/hooks/auth/useLogin.ts (1)

63-63: Consider using the error helper for Google login consistency.

For consistency with email login error handling, consider using the getFriendlyLoginError helper for Google login errors as well, or create a similar helper for social login errors.

-            setError("Failed to sign in with Google. Please try again.");
+            setError(getFriendlyLoginError("Failed to sign in with Google. Please try again."));

apps/web/src/app/roadmap/page.tsx (2)

10-90: Well-structured roadmap data with minor content concerns.

The roadmap data structure is well-typed and comprehensive. However, consider these improvements:

1. Professional tone: Line 39 contains strong language ("fucking perfect") that might not be appropriate for all audiences.
2. Content consistency: Ensure all descriptions maintain a professional tone while being engaging.

-      "The heart of any video editor. Timeline zoom in/out, making clips longer/shorter, dragging elements around, selection, playhead scrubbing. **This part has to be fucking perfect** because it's what users interact with 99% of the time.",
+      "The heart of any video editor. Timeline zoom in/out, making clips longer/shorter, dragging elements around, selection, playhead scrubbing. **This part has to be absolutely perfect** because it's what users interact with 99% of the time.",

---

144-144: Consider dynamic date handling for maintenance.

The hardcoded "last updated" date will require manual updates. Consider either:

1. Making it dynamic based on file modification time
2. Adding a TODO comment to remind developers to update it
3. Moving it to a configuration constant

-                What's coming next for OpenCut (last updated: July 14, 2025)
+                What's coming next for OpenCut (last updated: {new Date().toLocaleDateString('en-US', { year: 'numeric', month: 'long', day: 'numeric' })})

apps/web/src/components/editor/media-panel/views/text.tsx (1)

6-27: Consider making textData immutable.

The textData object contains well-structured default values, but it's declared with let while being used as a constant. Consider using const instead to prevent accidental mutations.

-let textData: TextElement = {
+const textData: TextElement = {

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between afa8f42 and cfddc15.

⛔ Files ignored due to path filters (3)

• apps/web/public/open-graph/default.jpg is excluded by !**/*.jpg
• apps/web/public/open-graph/roadmap.jpg is excluded by !**/*.jpg
• bun.lock is excluded by !**/*.lock

📒 Files selected for processing (42)

• .github/CONTRIBUTING.md (0 hunks)
• README.md (1 hunks)
• apps/web/.env.example (0 hunks)
• apps/web/drizzle.config.ts (1 hunks)
• apps/web/migrations/0002_cuddly_pretty_boy.sql (1 hunks)
• apps/web/migrations/meta/0002_snapshot.json (1 hunks)
• apps/web/migrations/meta/_journal.json (1 hunks)
• apps/web/package.json (3 hunks)
• apps/web/src/app/layout.tsx (0 hunks)
• apps/web/src/app/metadata.ts (1 hunks)
• apps/web/src/app/page.tsx (1 hunks)
• apps/web/src/app/roadmap/page.tsx (1 hunks)
• apps/web/src/components/development-debug.tsx (0 hunks)
• apps/web/src/components/editor/media-panel/views/media.tsx (4 hunks)
• apps/web/src/components/editor/media-panel/views/text.tsx (2 hunks)
• apps/web/src/components/editor/snap-indicator.tsx (1 hunks)
• apps/web/src/components/editor/timeline-element.tsx (2 hunks)
• apps/web/src/components/editor/timeline-playhead.tsx (3 hunks)
• apps/web/src/components/editor/timeline-track.tsx (6 hunks)
• apps/web/src/components/editor/timeline.tsx (11 hunks)
• apps/web/src/components/footer.tsx (1 hunks)
• apps/web/src/components/landing/hero.tsx (1 hunks)
• apps/web/src/components/ui/draggable-item.tsx (6 hunks)
• apps/web/src/components/ui/tooltip.tsx (1 hunks)
• apps/web/src/constants/timeline-constants.ts (1 hunks)
• apps/web/src/env.ts (1 hunks)
• apps/web/src/hooks/auth/useLogin.ts (2 hunks)
• apps/web/src/hooks/auth/useSignUp.ts (2 hunks)
• apps/web/src/hooks/use-timeline-snapping.ts (1 hunks)
• apps/web/src/lib/rate-limit.ts (1 hunks)
• apps/web/src/middleware.ts (2 hunks)
• apps/web/src/stores/timeline-store.ts (5 hunks)
• docker-compose.yaml (0 hunks)
• packages/auth/package.json (1 hunks)
• packages/auth/src/client.ts (1 hunks)
• packages/auth/src/index.ts (1 hunks)
• packages/auth/src/keys.ts (1 hunks)
• packages/auth/src/server.ts (2 hunks)
• packages/db/drizzle.config.ts (1 hunks)
• packages/db/package.json (2 hunks)
• packages/db/src/index.ts (1 hunks)
• packages/db/src/keys.ts (1 hunks)

💤 Files with no reviewable changes (5)

• apps/web/.env.example
• apps/web/src/app/layout.tsx
• .github/CONTRIBUTING.md
• docker-compose.yaml
• apps/web/src/components/development-debug.tsx

🧰 Additional context used

🧠 Learnings (12)

apps/web/src/components/ui/tooltip.tsx (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

apps/web/src/constants/timeline-constants.ts (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

apps/web/src/components/editor/media-panel/views/text.tsx (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

apps/web/src/components/editor/timeline-playhead.tsx (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

apps/web/src/components/editor/media-panel/views/media.tsx (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

apps/web/src/components/editor/timeline-track.tsx (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

apps/web/src/components/editor/snap-indicator.tsx (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

apps/web/src/components/editor/timeline-element.tsx (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

apps/web/src/components/ui/draggable-item.tsx (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

apps/web/src/hooks/use-timeline-snapping.ts (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

apps/web/src/stores/timeline-store.ts (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

apps/web/src/components/editor/timeline.tsx (1)

Learnt from: simonorzel26
PR: OpenCut-app/OpenCut#324
File: apps/web/src/components/editor/snap-indicator.tsx:43-43
Timestamp: 2025-07-17T08:26:10.929Z
Learning: In the timeline refactor PR #324, the snap indicator component in apps/web/src/components/editor/snap-indicator.tsx requires the hard-coded `ml-48` class in addition to the calculated `leftPosition` for proper alignment. This is intentional and needed for the new timeline layout.

🧬 Code Graph Analysis (19)

apps/web/drizzle.config.ts (1)

apps/web/src/env.ts (1)

• env (7-27)

packages/db/src/index.ts (1)

packages/db/src/keys.ts (1)

• keys (4-19)

apps/web/src/middleware.ts (1)

apps/web/src/env.ts (1)

• env (7-27)

packages/auth/src/client.ts (1)

packages/auth/src/keys.ts (1)

• keys (4-16)

apps/web/src/app/page.tsx (1)

apps/web/src/components/landing/hero.tsx (1)

• Hero (13-133)

apps/web/src/components/footer.tsx (1)

apps/web/src/lib/fetch-github-stars.ts (1)

• getStars (1-29)

packages/db/src/keys.ts (1)

packages/auth/src/keys.ts (1)

• keys (4-16)

apps/web/src/components/editor/media-panel/views/text.tsx (3)

apps/web/src/types/timeline.ts (1)

• TextElement (23-38)

apps/web/src/constants/timeline-constants.ts (1)

• TIMELINE_CONSTANTS (72-79)

apps/web/src/stores/timeline-store.ts (1)

• useTimelineStore (189-1129)

apps/web/src/lib/rate-limit.ts (1)

apps/web/src/env.ts (1)

• env (7-27)

packages/auth/src/server.ts (2)

packages/auth/src/keys.ts (1)

• keys (4-16)

packages/db/src/index.ts (1)

• db (20-20)

packages/auth/src/keys.ts (1)

packages/db/src/keys.ts (1)

• keys (4-19)

packages/db/drizzle.config.ts (2)

packages/auth/src/keys.ts (1)

• keys (4-16)

packages/db/src/keys.ts (1)

• keys (4-19)

apps/web/src/env.ts (2)

packages/auth/src/server.ts (1)

• auth (8-25)

packages/db/src/index.ts (1)

• db (20-20)

apps/web/src/components/editor/media-panel/views/media.tsx (1)

apps/web/src/stores/timeline-store.ts (1)

• useTimelineStore (189-1129)

apps/web/src/components/editor/timeline-element.tsx (1)

apps/web/src/constants/timeline-constants.ts (1)

• getTrackHeight (43-45)

apps/web/src/components/ui/draggable-item.tsx (1)

apps/web/src/stores/playback-store.ts (1)

• usePlaybackStore (53-134)

apps/web/src/app/roadmap/page.tsx (4)

apps/web/src/components/header.tsx (1)

• Header (12-70)

apps/web/src/components/icons.tsx (1)

• GithubIcon (24-39)

apps/web/src/lib/utils.ts (1)

• cn (6-8)

apps/web/src/components/footer.tsx (1)

• Footer (10-140)

apps/web/src/hooks/use-timeline-snapping.ts (2)

apps/web/src/types/timeline.ts (1)

• TimelineTrack (81-88)

apps/web/src/constants/timeline-constants.ts (1)

• TIMELINE_CONSTANTS (72-79)

apps/web/src/stores/timeline-store.ts (4)

apps/web/src/types/timeline.ts (3)

• TrackType (4-4)
• TextElement (23-38)
• DragData (79-79)

apps/web/src/stores/media-store.ts (1)

• MediaItem (8-26)

apps/web/src/constants/timeline-constants.ts (1)

• TIMELINE_CONSTANTS (72-79)

apps/web/src/hooks/use-toast.ts (1)

• toast (191-191)

🔇 Additional comments (60)

apps/web/src/components/landing/hero.tsx (1)

13-13: Inconsistency between PR objectives and actual changes.

The PR objectives state this is about "improving login and signup error feedback," but the actual changes remove waitlist count functionality from the Hero component. The function signature change from accepting props to no props appears correct based on the AI summary, but these changes don't align with the stated goal of improving error messaging.

Could you clarify if this PR includes additional files that actually implement the login/signup error feedback improvements mentioned in the objectives?

Likely an incorrect or invalid review comment.

apps/web/src/app/page.tsx (1)

9-9: Implementation is consistent with Hero component changes.

The removal of the signupCount prop correctly aligns with the Hero component's updated signature. This simplifies the component rendering and removes the dynamic waitlist count functionality.

However, this change still doesn't relate to the PR objectives about improving login and signup error feedback.

Likely an incorrect or invalid review comment.

README.md (1)

150-153: LGTM! Proper sponsor acknowledgment.

The addition of the Vercel OSS Program badge appropriately acknowledges their open-source support and follows best practices with proper alt text for accessibility.

apps/web/src/app/metadata.ts (1)

6-7: Confirm Open Graph image availability and redirects

The new apps/web/public/open-graph/default.jpg file is present.

Before merging:

• Verify that requests to /opengraph-image.jpg are redirected to /open-graph/default.jpg to prevent broken social previews.
• Ensure the image dimensions remain 1200×630 for proper Open Graph rendering.

apps/web/migrations/0002_cuddly_pretty_boy.sql (1)

1-1: LGTM! Proper security default for email verification.

Setting email_verified to default false follows security best practices by ensuring users start in an unverified state. This aligns well with the PR's goal of improving login/signup error feedback.

Note: This migration only affects new user records. Existing users' email_verified status will remain unchanged, which is typically the desired behavior.

apps/web/migrations/meta/_journal.json (1)

18-25: LGTM! Proper migration tracking.

The journal entry correctly tracks the new migration with sequential indexing and consistent formatting. The timestamp and tag properly correspond to the migration file.

packages/auth/src/index.ts (1)

7-8: Approve addition of the keys module export

• packages/auth/src/keys.ts exists and exports a keys() function using createEnv
• packages/auth/package.json exports include "./keys": "./src/keys.ts"

This aligns with the existing export patterns and centralizes environment-variable management as intended.

apps/web/package.json (3)

24-25: LGTM! Environment management dependencies properly added.

The addition of @t3-oss/env-core and @t3-oss/env-nextjs dependencies supports the centralized, type-safe environment variable management refactoring seen throughout the codebase.

---

41-41: Next.js minor version upgrade looks good.

The upgrade from ^15.3.4 to ^15.4.1 is a minor version bump that should be safe and may include bug fixes and improvements.

---

50-50: react-markdown addition supports new functionality.

The addition of react-markdown at version ^10.1.0 appears to support markdown rendering capabilities, likely for the roadmap page mentioned in the AI summary.

packages/db/src/index.ts (3)

4-4: Good addition of centralized environment configuration.

The import of the keys function supports the type-safe environment variable management refactoring.

---

6-6: Excellent refactoring to use validated environment variables.

Replacing direct process.env.DATABASE_URL access with the validated DATABASE_URL from keys() improves type safety and centralizes environment configuration. The keys() function from packages/db/src/keys.ts properly validates that DATABASE_URL starts with postgres:// or postgresql://.

---

12-12: Database client initialization properly uses validated environment variable.

Using the validated DATABASE_URL from the centralized configuration maintains the same functionality while improving type safety.

apps/web/src/middleware.ts (2)

3-3: Good addition of centralized environment configuration.

The import of the env object supports the type-safe environment variable management refactoring.

---

13-13: Excellent refactoring to use validated NODE_ENV.

Replacing process.env.NODE_ENV with env.NODE_ENV improves type safety while maintaining the same conditional logic. The env object from apps/web/src/env.ts provides validated access to NODE_ENV with proper typing.

apps/web/src/lib/rate-limit.ts (2)

4-4: Good addition of centralized environment configuration.

The import of the env object supports the type-safe environment variable management refactoring.

---

7-8: Excellent refactoring to use validated Redis configuration.

Replacing direct process.env access with env.UPSTASH_REDIS_REST_URL and env.UPSTASH_REDIS_REST_TOKEN improves type safety while maintaining the same Redis client configuration. The env object from apps/web/src/env.ts validates these as proper string/URL types.

packages/db/package.json (3)

11-11: Good addition of keys export.

The new export path "./keys": "./src/keys.ts" properly exposes the centralized environment configuration functionality to other packages.

---

20-20: Appropriate dependency addition for environment management.

The @t3-oss/env-nextjs dependency at version ^0.13.8 is required for the createEnv functionality used in the new keys.ts module.

---

23-23: Zod dependency properly supports environment validation.

The zod dependency at version ^4.0.5 is required for the schema validation in the environment configuration setup.

apps/web/src/components/footer.tsx (3)

6-6: LGTM: Discord icon import added correctly.

The RiDiscordFill import follows the existing pattern and is properly used in the component.

---

62-69: LGTM: Discord social link implementation.

The Discord link follows the same structure and styling as the existing GitHub and Twitter links, maintaining consistency in the footer's social media section.

---

78-84: LGTM: Roadmap link added to Resources section.

The roadmap link is properly integrated into the Resources section with consistent styling and structure.

apps/web/drizzle.config.ts (2)

3-3: LGTM: Centralized environment import.

The import of the centralized env object improves type safety and consistency across the codebase.

---

16-16: LGTM: Using validated environment variables.

The replacement of direct process.env access with the validated env object provides better type safety and validation.

Also applies to: 19-19

packages/auth/src/client.ts (3)

2-2: LGTM: Centralized keys import.

The import of the keys function aligns with the codebase's move towards centralized environment variable management.

---

4-4: LGTM: Type-safe environment variable access.

Destructuring NEXT_PUBLIC_BETTER_AUTH_URL from the validated keys() function provides better type safety and URL validation compared to direct process.env access.

---

7-7: LGTM: Using validated environment variable.

The baseURL now uses the validated environment variable, which ensures it's a proper URL string as enforced by the zod schema in the keys function.

packages/auth/package.json (1)

11-11: LGTM: Keys module export added.

The new export path makes the keys module available as part of the package's public API, supporting the centralized environment variable management.

packages/db/drizzle.config.ts (3)

3-3: LGTM: Centralized keys import.

The import of the keys function provides validated environment variables with proper schema validation.

---

5-5: LGTM: Type-safe environment variable destructuring.

Destructuring from the validated keys() function ensures NODE_ENV is a proper enum value and DATABASE_URL follows the correct PostgreSQL URL format.

---

21-21: LGTM: Using validated environment variables.

The replacement of direct process.env access with validated variables from the keys() function provides better type safety and ensures proper PostgreSQL URL format validation.

Also applies to: 24-24

packages/auth/src/keys.ts (1)

1-16: LGTM! Excellent centralized environment variable management.

This implementation follows best practices for type-safe environment variable handling using @t3-oss/env-nextjs and zod. The separation of server and client variables is appropriate for Next.js, and the URL validation for NEXT_PUBLIC_BETTER_AUTH_URL adds an extra layer of safety.

The pattern is consistent with the similar implementation in packages/db/src/keys.ts, promoting a unified approach across the codebase.

packages/db/src/keys.ts (1)

1-19: LGTM! Robust database environment variable validation.

The implementation provides excellent validation for database-related environment variables:

• NODE_ENV enum validation with sensible default prevents invalid environment modes
• DATABASE_URL validation supports both postgres:// and postgresql:// prefixes, accommodating common variations
• Server-only configuration is appropriate for database credentials

The pattern aligns well with the auth package's approach, creating consistency across the codebase.

apps/web/src/hooks/auth/useSignUp.ts (1)

5-25: Excellent user-friendly error messaging implementation.

The getFriendlySignUpError helper function effectively addresses the PR objective by providing clear, user-friendly error messages for common signup issues. The error mapping is comprehensive and covers:

• Duplicate account scenarios
• Email validation issues
• Password strength requirements
• Rate limiting
• Network connectivity problems

The fallback to the original message ensures no errors are lost while still improving the user experience for common cases.

apps/web/src/env.ts (1)

1-27: Excellent centralized environment configuration using composition.

This implementation elegantly combines environment schemas from multiple sources using the extends pattern:

• Vercel preset for deployment-specific variables
• Auth and DB keys for package-specific environment variables
• Additional app-specific variables (Redis, analysis tools)

The composition approach promotes maintainability and ensures consistency across the application stack.

packages/auth/src/server.ts (1)

4-6: LGTM! Improved environment variable management.

The refactor to use the centralized keys() function provides type-safe access to environment variables and replaces direct process.env usage. This aligns with the broader effort to standardize environment variable handling across the codebase.

apps/web/src/hooks/auth/useLogin.ts (2)

5-25: Excellent error mapping implementation!

The getFriendlyLoginError helper function provides comprehensive coverage of common authentication error scenarios with user-friendly messaging. The case-insensitive matching and fallback to the original message ensure robust error handling.

---

45-45: Good integration of the error helper!

The helper function is properly integrated for email login error handling.

apps/web/migrations/meta/0002_snapshot.json (1)

1-359: Database schema snapshot looks appropriate.

This is a generated migration snapshot file that properly defines the database schema with appropriate table structures, foreign key relationships, and row-level security enabled. The schema appears consistent with a typical authentication system.

apps/web/src/app/roadmap/page.tsx (2)

119-247: Excellent component implementation!

The RoadmapPage component is well-structured with:

• Proper TypeScript usage and React patterns
• Responsive design with Tailwind CSS
• Good accessibility with semantic HTML
• Proper integration with existing design system components
• Well-configured ReactMarkdown with custom link and text styling
• Nice visual touches with background gradients

The component follows the app's established patterns and provides a great user experience.

---

92-117: Metadata configuration and Open Graph image verification complete.

The referenced image exists at apps/web/public/open-graph/roadmap.jpg, which aligns with the URL /open-graph/roadmap.jpg in your metadata. No further changes are required.

apps/web/src/constants/timeline-constants.ts (1)

77-77: LGTM! Consistent addition of image duration constant.

The new DEFAULT_IMAGE_DURATION constant follows the same pattern as DEFAULT_TEXT_DURATION and provides a sensible default value.

apps/web/src/components/editor/media-panel/views/text.tsx (1)

46-48: LGTM! Clean integration with timeline store.

The onAddToTimeline callback properly integrates with the timeline store's addTextAtTime method, allowing seamless addition of text elements to the timeline.

apps/web/src/components/editor/media-panel/views/media.tsx (2)

211-211: LGTM! Improved layout and user experience.

Removing the "Add media" button from the top control bar and repositioning it below the "No media in project" message creates a more intuitive user flow.

---

292-296: LGTM! Clean timeline integration.

The onAddToTimeline callback properly integrates media items with the timeline store, enabling direct addition of media from the panel to the timeline at the current time.

apps/web/src/components/editor/snap-indicator.tsx (1)

16-54: LGTM! Well-implemented snap indicator component.

The component provides clean visual feedback for snapping functionality with:

• Proper position calculations accounting for zoom and track labels
• Appropriate styling with opacity and z-index
• Disabled pointer events to avoid interaction interference
• Good conditional rendering logic

The implementation follows React best practices and integrates well with the timeline system.

apps/web/src/components/editor/timeline-track.tsx (1)

1-1000: Inconsistency between PR objectives and actual changes.

The PR description mentions "Improve login and signup error feedback for better user experience," but these changes implement timeline snapping functionality. Please verify that the correct files are being reviewed for this PR.

Technical implementation looks solid.

The snapping integration is well-implemented with:

• Proper conditional logic between snapping and frame-based positioning
• Clean snap point notification management
• Good separation of concerns with the useTimelineSnapping hook
• Appropriate snap point clearing on drag end

Likely an incorrect or invalid review comment.

apps/web/src/components/editor/timeline-playhead.tsx (1)

1-117: PR content mismatch: Timeline editor changes instead of login/signup error feedback

The PR objectives state this is about "Improve login and signup error feedback for better user experience", but this file contains timeline editor functionality for visual snapping feedback. This appears to be content from a different PR.

Likely an incorrect or invalid review comment.

apps/web/src/components/editor/timeline-element.tsx (1)

1-471: PR content mismatch: Timeline element rendering instead of login/signup improvements

This file implements tiled background rendering for timeline media elements, which is unrelated to the PR's stated objective of improving login and signup error feedback.

Likely an incorrect or invalid review comment.

apps/web/src/components/ui/draggable-item.tsx (1)

1-167: PR content mismatch: Draggable timeline items instead of authentication error handling

This file adds timeline editing features for draggable media items, which doesn't align with the PR objective of improving login and signup error feedback.

Likely an incorrect or invalid review comment.

apps/web/src/hooks/use-timeline-snapping.ts (1)

1-179: PR content mismatch: Timeline snapping logic instead of authentication UX improvements

This new hook implements timeline element snapping functionality, which is completely unrelated to the PR's stated goal of enhancing login and signup error messages for better user experience.

Likely an incorrect or invalid review comment.

apps/web/src/components/editor/timeline.tsx (1)

1-1076: PR content mismatch: Timeline editor implementation instead of authentication error feedback

This comprehensive timeline component adds snapping functionality, drag-and-drop improvements, and UI enhancements for video editing. However, the PR is supposed to be about "Improve login and signup error feedback for better user experience" according to the objectives.

None of the code changes in this file relate to:

• Login/signup pages
• Error messaging
• Authentication feedback
• User experience during failed login/signup attempts

This appears to be content from an entirely different pull request.

Please verify that the correct files are being reviewed for PR #369. The PR objectives mention authentication improvements, but all provided files contain timeline editor functionality.

Likely an incorrect or invalid review comment.

apps/web/src/stores/timeline-store.ts (7)

52-56: Well-structured interface additions for snapping and element management.

The new properties and methods follow good design patterns:

• Clear boolean flag for snapping state with a toggle method
• Consistent method signatures that return success/failure status
• Logical separation between time-specific and track-specific element addition methods

Also applies to: 176-186

---

230-231: Correct implementation of snapping toggle functionality.

The snapping feature is properly implemented with sensible defaults (enabled by default) and uses the correct Zustand pattern for state updates.

Also applies to: 980-983

---

985-1008: Robust overlap detection implementation.

The method correctly handles all overlap scenarios and edge cases:

• Proper calculation of effective element boundaries considering trim values
• Comprehensive overlap checks covering all possible time range intersections
• Defensive programming with track existence validation

---

1010-1022: Smart track management strategy.

The implementation correctly handles different track types:

• Always creating new text tracks enables multiple text overlays (good for video editing UX)
• Reusing existing media/audio tracks follows standard video editing patterns

---

1024-1048: Well-implemented media addition with overlap protection.

The method properly handles media placement:

• Correct track type selection based on media type
• User-friendly error feedback via toast notifications
• Proper use of constants for default durations
• Complete element initialization with all required properties

---

1050-1075: Verify if text overlap checking is intentionally omitted.

The implementation provides good defaults for text properties, but unlike addMediaAtTime, it doesn't check for element overlap. This might be intentional (allowing text overlays), but please confirm this design decision.

If overlap checking should be added, consider implementing it similar to the media method. Otherwise, consider adding a comment explaining why text elements can overlap.

---

1077-1091: Clean implementation for adding media at track start.

The method correctly leverages existing functionality and places elements at time 0, which is appropriate for new track creation or reuse scenarios.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Verify bg-foreground / text-background tokens exist and meet WCAG contrast

The tooltip background / text colours were inverted from the typical bg-primary text-primary-foreground pair to bg-foreground text-background.
That only works if both utility classes are present in your Tailwind config and the resulting colour combination passes the required contrast ratio in light- and dark-mode themes.

If either token is missing, the tooltip will render with default transparent/inherit values and become invisible or unreadable.

Run the script below to confirm the colour tokens are defined:

---

🏁 Script executed:

#!/usr/bin/env bash
# Verify that `foreground` and `background` colour tokens exist in Tailwind config
set -e

fd tailwind.config.js | while read -r cfg; do
  echo "⮞ Checking $cfg"
  if ! rg -q '"foreground":' "$cfg"; then
    echo "  ❌  missing 'foreground' token"
  fi
  if ! rg -q '"background":' "$cfg"; then
    echo "  ❌  missing 'background' token"
  fi
done

Length of output: 46

---

Let’s search for all Tailwind config variants and explicitly check for both tokens:

---

🏁 Script executed:

#!/usr/bin/env bash
# Locate all Tailwind config files and verify 'foreground' and 'background' tokens
set -e

configs=$(fd --extension js --extension ts --extension cjs --extension mjs '^tailwind.config\.' -t f)
if [ -z "$configs" ]; then
  echo "⚠️ No Tailwind config file found"
  exit 0
fi

for cfg in $configs; do
  echo "⮞ Checking $cfg"
  if rg -q '"foreground":' "$cfg"; then
    echo "  ✅ 'foreground' token found"
  else
    echo "  ❌ missing 'foreground' token"
  fi

  if rg -q '"background":' "$cfg"; then
    echo "  ✅ 'background' token found"
  else
    echo "  ❌ missing 'background' token"
  fi
done

Length of output: 548

---

Define missing foreground and background color tokens in your Tailwind config

The classes bg-foreground and text-background are currently undefined in apps/web/tailwind.config.ts, so the tooltip will render with no background or inherited text color. You need to add both tokens (and verify their WCAG contrast in light/dark modes):

• File to update:
• apps/web/tailwind.config.ts – under theme.extend.colors
• Example snippet (adjust values to match your design tokens):

// tailwind.config.ts
export default {
  // …
  theme: {
    extend: {
      colors: {
        foreground: {
          DEFAULT: 'hsl(var(--color-foreground) / <alpha-value>)',
        },
        background: {
          DEFAULT: 'hsl(var(--color-background) / <alpha-value>)',
        },
      },
    },
  },
  // …
}

• After adding, confirm in both light and dark themes that bg-foreground/text-background meets the required contrast ratios.

🤖 Prompt for AI Agents

In apps/web/src/components/ui/tooltip.tsx at line 23, the Tailwind CSS classes
bg-foreground and text-background are used but not defined in the Tailwind
configuration. To fix this, open apps/web/tailwind.config.ts and add foreground
and background color tokens under theme.extend.colors with appropriate HSL
values referencing CSS variables, ensuring they support alpha transparency.
After adding these tokens, verify that the tooltip's background and text colors
meet WCAG contrast requirements in both light and dark modes.