[HOLD for payment 2023-07-17] [$1000] Web - Log in - Inconsistency between signin button and 2FA button

[kbecciv]

If you haven’t already, check out our contributing guidelines for onboarding and email contributors@expensify.com to request to join our Slack channel!

---

Action Performed:

1. Go to settings -> security -> 2FA
2. Copy/ download codes and continue
3. Meanwhile download the authenticator application. Now, Scan the QR.
4. Now type the generated code.
5. Notice that the "loading sign along with the next button" is displayed as disabled before moving to the next page. ( even when the correct code is typed)
6. However, if similar steps are followed (i.e after typing magic code ) on the signing page, "the loading bar on sign-in button" is shown enabled.

Expected Result:

Consistency between the buttons. i.e. after typing the correct magic code on singin page or the 2FA code on the authentication page, buttons should either be enabled or disabled on both pages.

Actual Result:

Next button on authentication page is shown disabled before moving to next page, even when the correct 2FAcode is entered.

Workaround:

Unknown

Platforms:

Which of our officially supported platforms is this issue occurring on?

• Android / native
• Android / Chrome
• iOS / native
• iOS / Safari
• MacOS / Chrome / Safari
• MacOS / Desktop

Version Number: 1.3.28.3

Reproducible in staging?: yes

**Reproducible in production?:**yes

If this was caught during regression testing, add the test name, ID and link from TestRail:

Email or phone of affected tester (no customers):

Logs: https://stackoverflow.com/c/expensify/questions/4856

Notes/Photos/Videos: Any additional supporting documentation

Untitled_trimmed.1.mov

Recording.725.mp4

Expensify/Expensify Issue URL: @ashimsharma10

Issue reported by: https://expensify.slack.com/archives/C049HHMV9SM/p1686219682890139

Slack conversation:

View all open jobs on GitHub

Upwork Automation - Do Not Edit

• Upwork Job URL: https://www.upwork.com/jobs/~01b8ad74604f91854d
• Upwork Job ID: 1671877459838341120
• Last Price Increase: 2023-06-29

[melvin-bot]

Triggered auto assignment to @johncschuster (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details.

[melvin-bot]

Bug0 Triage Checklist (Main S/O)

• This "bug" occurs on a supported platform (ensure Platforms in OP are ✅)
• This bug is not a duplicate report (check E/App issues and #expensify-bugs)
  • If it is, comment with a link to the original report, close the issue and add any novel details to the original issue instead
• This bug is reproducible using the reproduction steps in the OP. S/O
  • If the reproduction steps are clear and you're unable to reproduce the bug, check with the reporter and QA first, then close the issue.
  • If the reproduction steps aren't clear and you determine the correct steps, please update the OP.
• This issue is filled out as thoroughly and clearly as possible
  • Pay special attention to the title, results, platforms where the bug occurs, and if the bug happens on staging/production.
• I have reviewed and subscribed to the linked Slack conversation to ensure Slack/Github stay in sync

[johncschuster]

I don't think this behavior is a bug. I've asked in Slack to get a second opinion.

[johncschuster]

Bumped my thread since I didn't get any responses.

[melvin-bot]

Job added to Upwork: https://www.upwork.com/jobs/~01b8ad74604f91854d

[melvin-bot]

Current assignee @johncschuster is eligible for the External assigner, not assigning anyone new.

[melvin-bot]

Triggered auto assignment to Contributor-plus team member for initial proposal review - @mollfpr (External)

[tienifr]

Proposal

Please re-state the problem that we are trying to solve in this issue.

Web - Log in - Inconsistency between signin button and 2FA button

What is the root cause of that problem?

App/src/pages/settings/Security/TwoFactorAuth/VerifyPage.js

Lines 146 to 151 in 6183609

	<Button
	success
	text={props.translate('common.next')}
	isDisabled
	isLoading={props.account.isLoading}
	/>

We're putting isDisabled to Button. But I think we shouldn't do that because the disabled button is worthless

What changes do you think we should make in order to solve the problem?

In BaseTwoFactorAuthForm, use useImperativeHandle and forwardRef to let the parent (VerifyPage) use validateAndSubmitForm function. Edit the validateAndSubmitForm function a bit to blur the input if we press next button.

In VerifyPage, remove isDisabled and call validateAndSubmitForm if user press next button

                        onPress={()=>{
                            ref.current.validateAndSubmitForm()
                        }}

Result

Screen.Recording.2023-06-23.at.12.39.10.mov

What alternative solutions did you explore? (Optional)

Remove 2FA button in VerifyPage

[mollfpr]

Thanks @tienifr, for the proposal.

I'm not sure using useImperativeHandle feels over-engineered. Why can't we move the button to BaseTwoFactorAuthForm and fix the positioning?

[tienifr]

@mollfpr Yeah, I tried it but the BaseTwoFactorAuthForm is placed in ScrollView and we want the next button stays outside the ScrollView to show it even on the small screen height. And I don't see any places on our code that we put FixedFooter stays inside ScrollView. That why I want to use useImperativeHandle, and we also used it in other pages

[mollfpr]

I tried it but the BaseTwoFactorAuthForm is placed in ScrollView and we want the next button stays outside the ScrollView to show it even on the small screen height. And I don't see any places on our code that we put FixedFooter stays inside ScrollView.

Okay that makes sense

That why I want to use useImperativeHandle, and we also used it in other pages

@tienifr Could you give an example of which page it is?

[tienifr]

@mollfpr Here you are

App/src/components/MagicCodeInput.js

Line 114 in 52a1891

useImperativeHandle(props.innerRef, () => ({

In MagicCodeInput, we're using useImperativeHandle

[melvin-bot]

📣 It's been a week! Do we have any satisfactory proposals yet? Do we need to adjust the bounty for this issue? 💸

[melvin-bot]

@johncschuster @mollfpr this issue was created 2 weeks ago. Are we close to approving a proposal? If not, what's blocking us from getting this issue assigned? Don't hesitate to create a thread in #expensify-open-source to align faster in real time. Thanks!

[mollfpr]

Sorry for the delay @tienifr 🙏

I'm okay with useImperativeHandle and I don't see any drawback for now. @johncschuster the proposal looks good to me 🚀

🎀 👀 🎀 C+ reviewed!

[melvin-bot]

Triggered auto assignment to @AndrewGable, see https://stackoverflow.com/c/expensify/questions/7972 for more details.

[melvin-bot]

📣 @tienifr 🎉 An offer has been automatically sent to your Upwork account 🎉

Contributor - [$1000] Web - Log in - Inconsistency between signin button and 2FA button Please accept the offer and leave a comment on the Github issue letting us know when we can expect a PR to be ready for review 🧑‍💻
Keep in mind: Code of Conduct | Contributing 📖

[mollfpr]

@tienifr Let me know when the PR is ready. Thanks!

[tienifr]

@mollfpr I'm working on it. The PR will be ready in 1 to 2 hours

[melvin-bot]

Reviewing label has been removed, please complete the "BugZero Checklist".

[melvin-bot]

The solution for this issue has been 🚀 deployed to production 🚀 in version 1.3.38-7 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue:

• fix: 20848 enable 2fa button in verify page #22151

If no regressions arise, payment will be issued on 2023-07-17. 🎊

After the hold period is over and BZ checklist items are completed, please complete any of the applicable payments for this issue, and check them off once done.

• External issue reporter - @ashimsharma10
• Contributor that fixed the issue - @tienifr
• Contributor+ that helped on the issue and/or PR - @mollfpr
  Note for BZ: the issue is not eligible for a bonus -JS

As a reminder, here are the bonuses/penalties that should be applied for any External issue:

• Merged PR within 3 business days of assignment - 50% bonus
• Merged PR more than 9 business days after assignment - 50% penalty

[melvin-bot]

BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:

• [@mollfpr] The PR that introduced the bug has been identified. Link to the PR:
• [@mollfpr] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:
• [@mollfpr] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:
• [@mollfpr] Determine if we should create a regression test for this bug.
• [@mollfpr] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.
• [@johncschuster] Link the GH issue for creating/updating the regression test once above steps have been agreed upon:

[mollfpr]

[@mollfpr] The PR that introduced the bug has been identified. Link to the PR:

#18576

[@mollfpr] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:

https://github.com/Expensify/App/pull/18576/files#r1266234798

[@mollfpr] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:

The regression test should be enough.

[@mollfpr] Determine if we should create a regression test for this bug.
[@mollfpr] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.

1. Open the App and go to Settings -> Security -> Two-factor authentication
2. Copy / download codes to continue
3. Keep the input empty and press the Next button
4. Verify that the next button is pressable and the error validation is shown "Please enter your two-factor authentication code"
5. Put less than 6 digits to the input and press the Next button
6. Verify that the next button is pressable and the error validation is shown "Incorrect two-factor authentication code. Please try again."
7. Now put the correct code from your authenticator app
8. Verify that it automatically submit the form and moves you to the next page
9. 👍 or 👎

[johncschuster]

@ashimsharma10 I've just sent you an invite on Upwork. Can you please accept the job?

[johncschuster]

Payment has been issued to @tienifr and @mollfpr. I'll get the regression test issue going shortly.

[ashimsharma10]

@johncschuster Accepted . Waiting for payment

[johncschuster]

Thanks, @ashimsharma10! Payment has been issued.

I'll get the regression steps in a GH on Monday and we can close this out.

[melvin-bot]

@AndrewGable, @johncschuster, @mollfpr, @tienifr Uh oh! This issue is overdue by 2 days. Don't forget to update your issues!

[johncschuster]

Summary of payment issued:
External issue reporter - @ashimsharma10 - $250
Contributor that fixed the issue - @tienifr - $1000
Contributor+ that helped on the issue and/or PR - @mollfpr - $1000