Make email optional for GitHub OAuth login

.changeset/fix-missing-email-error.md

@@ -0,0 +1,5 @@
+---
+'outstatic': patch
+---
+
+Allow GitHub OAuth login without an email address on the user's account.

packages/outstatic/src/app/api/auth/callback.ts

@@ -151,7 +151,7 @@ export default async function GET(request: NextRequest) {
 
   const code = url.searchParams.get('code') as string | null
   if (!code) {
-    return NextResponse.json({ error: 'missing_code' }, { status: 400 })
+    return NextResponse.redirect(`${dashboardUrl}?error=missing-code`)
   }
 
   try {
@@ -163,7 +163,7 @@ export default async function GET(request: NextRequest) {
     } = await getAccessToken({ code })
 
     if (!access_token) {
-      return NextResponse.json({ error: 'no_access_token' }, { status: 401 })
+      return NextResponse.redirect(`${dashboardUrl}?error=no-access-token`)
     }
 
     let userData = await fetchGitHubUser(access_token)
@@ -184,7 +184,7 @@ export default async function GET(request: NextRequest) {
       }
     }
 
-    if (userData && userData.email && access_token) {
+    if (userData && access_token) {
       const { name, login, email, avatar_url } = userData
 
       // Fetch project info from SaaS to get repo owner/slug
@@ -329,9 +329,10 @@ export default async function GET(request: NextRequest) {
         return NextResponse.redirect(redirectUrl)
       }
     } else {
-      return NextResponse.json({ error: 'missing_user_data' }, { status: 403 })
+      const redirectUrl = `${dashboardUrl}?error=missing-user-data`
+      return NextResponse.redirect(redirectUrl)
     }
   } catch {
-    return NextResponse.json({ error: 'auth_callback_failed' }, { status: 500 })
+    return NextResponse.redirect(`${dashboardUrl}?error=auth-callback-failed`)
   }
 }

packages/outstatic/src/components/admin-header.tsx

@@ -158,7 +158,7 @@ const AdminHeaderComponent = () => {
                       <div className="text-muted-foreground">Signed in as:</div>
                       <div>
                         <span className="block truncate">
-                          {session?.user?.email}
+                          {session?.user?.email || session?.user?.login}
                         </span>
                       </div>
                     </div>

packages/outstatic/src/utils/auth/auth.ts

@@ -23,7 +23,7 @@ export type LoginSession = {
   user: {
     name: string
     login: string
-    email: string
+    email?: string
     image: string
     permissions?: AppPermissions[]
   }
@@ -127,7 +127,8 @@ function validateSession(session: any): session is LoginSession {
     session.user &&
     typeof session.user.name === 'string' &&
     typeof session.user.login === 'string' &&
-    typeof session.user.email === 'string' &&
+    (session.user.email === undefined ||
+      typeof session.user.email === 'string') &&
     typeof session.user.image === 'string' &&
     typeof session.access_token === 'string' &&
     isValidDate(session.expires)

packages/outstatic/src/utils/errors/login-errors.tsx

@@ -93,7 +93,19 @@ const loginErrors = {
       Please try again. If the problem persists, check your callback origins and
       API key configuration.
     </>
-  )
+  ),
+  'missing-user-data': (
+    <>
+      We couldn&apos;t retrieve your user data from GitHub. <br />
+      Please try again. If the problem persists, check that your GitHub account
+      is in good standing.
+    </>
+  ),
+  'missing-code':
+    'Login failed: no authorization code was received from GitHub. Please try again.',
+  'no-access-token':
+    'Login failed: could not obtain an access token from GitHub. Please check your OAuth app credentials and try again.',
+  'auth-callback-failed': 'Something went wrong during login. Please try again.'
 }
 
 export default loginErrors