[HOLD for payment 2023-10-23] [HOLD for payment 2023-10-23] [$500] Security - Error message displays briefly after reopening the 2FA step 2 page

[kbecciv]

If you haven’t already, check out our contributing guidelines for onboarding and email [email protected] to request to join our Slack channel!

---

Action Performed:

1. Go to Settings > Security > Two-factor authentication
2. Click on the Copy button
3. Click on the Next button
4. Enter an invalid code
5. When the error message shows up, click on the back icon
6. Click on the Next button again

Expected Result:

Error message is not displayed after reopening the 2FA step 2 page

Actual Result:

Error message is briefly displayed after reopening the 2FA step 2 page

Workaround:

Unknown

Platforms:

Which of our officially supported platforms is this issue occurring on?

• Android / native
• Android / Chrome
• iOS / native
• iOS / Safari
• MacOS / Chrome / Safari
• MacOS / Desktop

Version Number: 1.3.78.0
Reproducible in staging?: y
Reproducible in production?: y
If this was caught during regression testing, add the test name, ID and link from TestRail:
Email or phone of affected tester (no customers):
Logs: https://stackoverflow.com/c/expensify/questions/4856
Notes/Photos/Videos: Any additional supporting documentation

640eac02-0680-49b9-840e-b71eeb9e187d.MP4

4cf1cf6e-2a8a-4e29-9918-629a35898ec5.MP4

RPReplay_Final1696315393.MP4

Screen.Recording.2023-10-03.at.12.17.18.PM.mov

RPReplay_Final1696252437.MP4

Screen.Recording.2023-10-02.at.6.11.33.PM.mov

Recording.4876.mp4

Expensify/Expensify Issue URL:
Issue reported by: @adeel0202
Slack conversation: https://expensify.slack.com/archives/C049HHMV9SM/p1696253182828299

View all open jobs on GitHub

Upwork Automation - Do Not Edit

• Upwork Job URL: https://www.upwork.com/jobs/~01c5525a081fe174f8
• Upwork Job ID: 1709982659785621504
• Last Price Increase: 2023-10-05
• Automatic offers:
• s77rt | Reviewer | 27149433
• studentofcoding | Contributor | 27149434
• adeel0202 | Reporter | 27149435

[melvin-bot]

Job added to Upwork: https://www.upwork.com/jobs/~01c5525a081fe174f8

[melvin-bot]

Triggered auto assignment to @alexpensify (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details.

[melvin-bot]

Bug0 Triage Checklist (Main S/O)

• This "bug" occurs on a supported platform (ensure Platforms in OP are ✅)
• This bug is not a duplicate report (check E/App issues and #expensify-bugs)
  • If it is, comment with a link to the original report, close the issue and add any novel details to the original issue instead
• This bug is reproducible using the reproduction steps in the OP. S/O
  • If the reproduction steps are clear and you're unable to reproduce the bug, check with the reporter and QA first, then close the issue.
  • If the reproduction steps aren't clear and you determine the correct steps, please update the OP.
• This issue is filled out as thoroughly and clearly as possible
  • Pay special attention to the title, results, platforms where the bug occurs, and if the bug happens on staging/production.
• I have reviewed and subscribed to the linked Slack conversation to ensure Slack/Github stay in sync

[melvin-bot]

Triggered auto assignment to Contributor-plus team member for initial proposal review - @s77rt (External)

[DylanDylann]

Proposal

Please re-state the problem that we are trying to solve in this issue.

Error message displays briefly after reopening the 2FA step 2 page

What is the root cause of that problem?

When we enter the wrong 2FA code, we will update the errors in the onyx account, and back to step 1 return to step 2, we still have errors in the onyx account until the function clearAccountMessages in here is finished running.

What changes do you think we should make in order to solve the problem?

In here We should clear errors in account when we back to step 1

    useEffect(()=>() => Session.clearAccountMessages(), [])

What alternative solutions did you explore? (Optional)

[studentofcoding]

Proposal

Please re-state the problem that we are trying to solve in this issue

Security - Error message displays briefly after reopening the 2FA step 2 page

What is the root cause of that problem?

The root cause of the problem is that the error message is not being cleared when changing pages. The error message is stored in the account object and is not being reset when navigating away from the VerifyStep component.

What changes do you think we should make in order to solve the problem?

To solve the problem, we need to clear the error message when changing pages. This can be done by adding a cleanup function to the useEffect hook in the src/pages/settings/Security/TwoFactorAuth/Steps/VerifyStep.js component.

Here's the updated code:

useEffect(() => {
    Session.clearAccountMessages();
    return () => {
        Session.clearAccountMessages();
    };
}, []);

By adding the cleanup function, Session.clearAccountMessages() will be called when the component is unmounted, effectively clearing the error message.

This change should reset and remove the error message when changing pages in the Security section.

Result

Fix.mp4

What alternative solutions did you explore? (Optional)

None

cc: @alexpensify @s77rt

[s77rt]

@DylanDylann Thanks for the proposal. Your RCA makes sense. The solution is mostly okay except that I think we should clear the error in the responsible page and not the component i.e. in VerifyStep and not TwoFactorAuthForm.

[s77rt]

@studentofcoding Thanks for the proposal. Your RCA is correct and the solution makes sense.

🎀 👀 🎀 C+ reviewed
Link to proposal

[melvin-bot]

Triggered auto assignment to @grgia, see https://stackoverflow.com/c/expensify/questions/7972 for more details.

[s77rt]

Not overdue. @grgia #28937 (comment)

[alexpensify]

I've reached out in chat

[melvin-bot]

📣 @s77rt 🎉 An offer has been automatically sent to your Upwork account for the Reviewer role 🎉 Thanks for contributing to the Expensify app!

Offer link
Upwork job

[melvin-bot]

📣 @studentofcoding 🎉 An offer has been automatically sent to your Upwork account for the Contributor role 🎉 Thanks for contributing to the Expensify app!

Offer link
Upwork job
Please accept the offer and leave a comment on the Github issue letting us know when we can expect a PR to be ready for review 🧑‍💻
Keep in mind: Code of Conduct | Contributing 📖

[melvin-bot]

📣 @adeel0202 🎉 An offer has been automatically sent to your Upwork account for the Reporter role 🎉 Thanks for contributing to the Expensify app!

Offer link
Upwork job

[studentofcoding]

It's ready to be review @s77rt

[melvin-bot]

🎯 ⚡️ Woah @s77rt / @studentofcoding, great job pushing this forwards! ⚡️

The pull request got merged within 3 working days of assignment, so this job is eligible for a 50% #urgency bonus 🎉

• when @studentofcoding got assigned: 2023-10-11 20:49:47 Z
• when the PR got merged: 2023-10-13 11:34:06 UTC

On to the next one 🚀

[melvin-bot]

Reviewing label has been removed, please complete the "BugZero Checklist".

[melvin-bot]

The solution for this issue has been 🚀 deployed to production 🚀 in version 1.3.84-10 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue:

• Fix Error message displays briefly after reopening the 2FA step 2 page #29406

If no regressions arise, payment will be issued on 2023-10-23. 🎊

After the hold period is over and BZ checklist items are completed, please complete any of the applicable payments for this issue, and check them off once done.

• External issue reporter
• Contributor that fixed the issue
• Contributor+ that helped on the issue and/or PR

For reference, here are some details about the assignees on this issue:

• @s77rt requires payment offer (Reviewer)
• @studentofcoding requires payment offer (Contributor)
• @adeel0202 requires payment offer (Reporter)

As a reminder, here are the bonuses/penalties that should be applied for any External issue:

• Merged PR within 3 business days of assignment - 50% bonus
• Merged PR more than 9 business days after assignment - 50% penalty

[melvin-bot]

BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:

• [@s77rt] The PR that introduced the bug has been identified. Link to the PR:
• [@s77rt] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:
• [@s77rt] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:
• [@s77rt] Determine if we should create a regression test for this bug.
• [@s77rt] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.
• [@alexpensify] Link the GH issue for creating/updating the regression test once above steps have been agreed upon:

[melvin-bot]

The solution for this issue has been 🚀 deployed to production 🚀 in version 1.3.84-10 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue:

• Fix Error message displays briefly after reopening the 2FA step 2 page #29406

If no regressions arise, payment will be issued on 2023-10-23. 🎊

After the hold period is over and BZ checklist items are completed, please complete any of the applicable payments for this issue, and check them off once done.

• External issue reporter
• Contributor that fixed the issue
• Contributor+ that helped on the issue and/or PR

For reference, here are some details about the assignees on this issue:

• @s77rt requires payment offer (Reviewer)
• @studentofcoding requires payment offer (Contributor)
• @adeel0202 requires payment offer (Reporter)

As a reminder, here are the bonuses/penalties that should be applied for any External issue:

• Merged PR within 3 business days of assignment - 50% bonus
• Merged PR more than 9 business days after assignment - 50% penalty

[melvin-bot]

BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:

• [@s77rt] The PR that introduced the bug has been identified. Link to the PR:
• [@s77rt] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:
• [@s77rt] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:
• [@s77rt] Determine if we should create a regression test for this bug.
• [@s77rt] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.
• [@alexpensify] Link the GH issue for creating/updating the regression test once above steps have been agreed upon:

[s77rt]

• The PR that introduced the bug has been identified: Fix/19496 2fa steps refactor #23060
• The offending PR has been commented on: Fix/19496 2fa steps refactor #23060 (comment)
• A discussion in #expensify-bugs has been started: Not needed
• Determine if we should create a regression test for this bug: No

[studentofcoding]

Hi guys, as today is the date for the payment, please kindly proceed it, thanks!

@s77rt @alexpensify

[alexpensify]

Here is the payment summary:

@s77rt - Reviewer $750
@studentofcoding - Contributor $750
@adeel0202 - Reporter $50

Upwork Job: https://www.upwork.com/jobs/~01c5525a081fe174f8

*If applicable, the bonuses will be applied on the final payment

Extra Notes regarding payment: There is an urgency bonus - #28937 (comment)

[alexpensify]

Great work, everyone has now been paid via Upwork!

[s77rt]

@alexpensify The total here should be $750. I have refunded the $250.

[alexpensify]

Thanks @s77rt -- it looks like I miscalculated the bonus amounts and I've updated the summary.

[studentofcoding]

Thanks for the payment @alexpensify, but yes it should be $750. How do I refund the remaining $250? (also Upwork already deducted $50 from the bonus, lol)

[s77rt]

@studentofcoding Open the contract page. Click the three dots button > Give a refund

[alexpensify]

I appreciate your honesty here. I confirmed that all refunds have been sent via Upwork. Thank you!