fix: handles MissingStateCookieError error during auth

[stalniy]

Why

Ref #2464

What

Summary by CodeRabbit

• Bug Fixes
  • Improved authentication error handling: when session state is missing, users are redirected to the login page and logs now include error details for better troubleshooting.
  • When unexpected authentication errors occur, the system now returns a clear 500 response with a generic error message instead of surfacing internal errors, while still reporting the issue for investigation.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: f12b439a-3fa3-4aa6-a669-31adee65e28a

📥 Commits

Reviewing files that changed from the base of the PR and between 247e620 and 94b3426.

📒 Files selected for processing (1)

• apps/deploy-web/src/pages/api/auth/[...auth0].ts

---

📝 Walkthrough

Walkthrough

Updated the Auth0 callback handler to adjust logging and error flow: added a file-level v8 ignore header, include the caught error in the missing-state-cookie log, and stop throwing on general callback errors—returning HTTP 500 JSON instead—while preserving error reporting and the redirect-to-/login for missing state.

Changes

Cohort / File(s)	Summary
Auth Callback Handler apps/deploy-web/src/pages/api/auth/[...auth0].ts	Added /* v8 ignore start */ file header; include caught error in the AUTH_CALLBACK_MISSING_STATE_COOKIE log payload; preserve redirect to /login for missing-state-cookie; changed AUTH_CALLBACK_ERROR path to no longer re-throw the error and instead respond with HTTP 500 and a JSON message; error reporting/logging still invoked. No public signatures changed.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐇 I nibble the callback, gentle and spry,

If state-cookie's gone, I log and I fly,
For other big errors I return a small cry —
"Try again later" — then onward I hop by.

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description includes the required 'Why' section with an issue reference, but the 'What' section is incomplete with only template comments and no actual description of changes.	Complete the 'What' section by describing the specific changes made to handle the MissingStateCookieError, even though coderabbit can autocomplete it.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely describes the main change: handling the MissingStateCookieError during authentication flow.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/login-missing-state

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 56.50%. Comparing base (c307c29) to head (94b3426).
⚠️ Report is 3 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2843      +/-   ##
==========================================
- Coverage   57.19%   56.50%   -0.69%     
==========================================
  Files        1020      982      -38     
  Lines       23766    22826     -940     
  Branches     5863     5724     -139     
==========================================
- Hits        13593    12898     -695     
+ Misses       8859     8630     -229     
+ Partials     1314     1298      -16     

Flag	Coverage Δ		*Carryforward flag
api	79.21% <ø> (ø)		Carriedforward from c307c29
deploy-web	40.55% <ø> (+0.24%)	⬆️
log-collector	?
notifications	85.86% <ø> (ø)		Carriedforward from c307c29
provider-console	81.48% <ø> (ø)		Carriedforward from c307c29
provider-proxy	85.93% <ø> (ø)		Carriedforward from c307c29
tx-signer	?

*This pull request uses carry forward flags. Click here to find out more.
see 40 files with indirect coverage changes

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.