fix: API handler warning

[DanielRivers]

Explain your changes

When using server routes which redirect warning API handler should not return a value was presented to the console. This resolves this warning

Checklist

• I have read the “Pull requests” section in the contributing guidelines.
• I agree to the terms within the code of conduct.

🛟 If you need help, consider asking for advice over in the Kinde community.

[coderabbitai]

Walkthrough

The pull request introduces changes to several handler functions within the src/handlers directory, specifically modifying how asynchronous operations are handled. The primary alteration involves using the void keyword in return statements to indicate that the results of certain asynchronous calls are intentionally ignored. This change applies to the appRouterHandler, pagesRouterHandler, callback, login, logout, createOrg, and register functions, while maintaining the overall control flow and error handling logic intact.

Changes

File	Change Summary
src/handlers/auth.js	Modified appRouterHandler and pagesRouterHandler to use void await in return statements, discarding results of asynchronous calls.
src/handlers/callback.ts	Updated callback function to add void in return statements for routerClient.json and routerClient.redirect, indicating no return value.
src/handlers/login.js	Changed return statement in login function to return void routerClient.redirect(authUrl.toString()), altering return value to undefined.
src/handlers/logout.js	Modified return statement in logout function to return void routerClient.redirect(authUrl.toString()), ensuring it returns undefined.
src/handlers/createOrg.js	Updated return statement in createOrg function to return void routerClient.redirect(authUrl.toString()), indicating no meaningful return value.
src/handlers/register.js	Changed return statement in register function to use void in the redirect call, indicating the return value should be ignored.

Possibly related PRs

• fix: Post logout redirect URL #192: The changes in the logout function in src/handlers/logout.js involve modifying the return statement to use void, aligning with the main PR's focus on return values in asynchronous functions.
• fix/remove-api-token-from-cookies #215: Modifications in src/handlers/login.js to change the return statement to void are directly related to the changes in the main PR.
• Next 15 support #226: Changes in src/handlers/auth.js and the introduction of asynchronous behavior in the createKindeManagementAPIClient function are related, as both involve handling asynchronous operations.
• Fix/refresh token #247: Updates to the setup function in src/handlers/setup.ts to improve token validation relate to the main PR's focus on asynchronous operations and return values.

Suggested reviewers

• DaveOrDead
• peterphanouvong

Warning

There were issues while running some tools. Please review the errors and either fix the tool’s configuration or disable the tool if it’s a critical failure.

🔧 eslint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

src/handlers/auth.js

Oops! Something went wrong! :(

ESLint: 8.57.1

ESLint couldn't find the plugin "eslint-plugin-jest".

(The package "eslint-plugin-jest" was not found when loaded as a Node module from the directory "".)

It's likely that the plugin isn't installed correctly. Try reinstalling by running the following:

npm install eslint-plugin-jest@latest --save-dev

The plugin "eslint-plugin-jest" was referenced from the config file in ".eslintrc.json".

If you still can't figure out the problem, please stop by https://eslint.org/chat/help to chat with the team.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between b9aea2e and 2031ea3.

📒 Files selected for processing (6)

• src/handlers/auth.js (2 hunks)
• src/handlers/callback.ts (1 hunks)
• src/handlers/createOrg.js (1 hunks)
• src/handlers/login.js (1 hunks)
• src/handlers/logout.js (1 hunks)
• src/handlers/register.js (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (4)

• src/handlers/auth.js
• src/handlers/callback.ts
• src/handlers/login.js
• src/handlers/logout.js

🔇 Additional comments (2)

src/handlers/createOrg.js (1)

19-19: Verify the redirect handling approach

While using void operator addresses the API handler warning, let's verify if this is the most idiomatic approach for handling redirects in Next.js API routes.

Consider these alternative approaches that might be more idiomatic:

1. Using Next.js's built-in redirect utility
2. Setting response headers directly: res.setHeader('Location', url)
3. Using Response objects: return new Response(null, { status: 302, headers: { Location: url } })

Would you like me to provide examples of these alternative implementations?

✅ Verification successful

Based on the search results, I can now generate a final response as we have sufficient context about the redirect patterns in the codebase.

The void operator usage is correct and consistent with the codebase's architecture

The codebase implements a RouterClient abstraction that handles redirects differently based on the router type (Pages or App router). The void operator is consistently used across all handler files (login.js, logout.js, register.js, callback.ts, createOrg.js) to address the API handler warning while maintaining the routing functionality.

• src/routerClients/AppRouterClient.js uses NextResponse.redirect()
• src/routerClients/PagesRouterClient.js uses res.redirect()
• All handlers consistently use void routerClient.redirect() pattern

The current implementation is the correct approach as it:

1. Maintains consistency across all handlers
2. Works with the codebase's router abstraction
3. Properly handles the API handler warning
4. Supports both Pages and App router implementations

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Search for similar redirect patterns in the codebase and Next.js documentation

# Look for other redirect patterns in the codebase
rg -A 2 "redirect\(" 

# Look for potential Next.js specific redirect imports
rg "import.*redirect.*next|from ['|\"]next" 

Length of output: 4208

src/handlers/register.js (1)

26-26: LGTM! The fix addresses the API handler warning.

The use of void operator effectively prevents the handler from returning a value while maintaining the redirect functionality. This aligns with the PR objective of fixing the "API handler should not return a value" warning.

Let's verify if this is the recommended pattern for Next.js API handlers:

✅ Verification successful

Pattern is consistently used across all auth handlers

The verification shows that the void operator pattern with routerClient.redirect() is consistently implemented across all authentication-related handlers in the codebase:

• src/handlers/register.js
• src/handlers/createOrg.js
• src/handlers/login.js
• src/handlers/logout.js

This consistent implementation across related handlers indicates an established pattern for handling redirects while avoiding the "API handler should not return a value" warning.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Search for similar patterns in the codebase and Next.js documentation

# Check if other handlers in the codebase use the same pattern
echo "Checking other handlers for consistency:"
rg "return void.*redirect" --type js

# Look for Next.js API handler patterns in documentation files
echo "Checking documentation for API handler patterns:"
rg -i "api.*handler.*return" --type md

Length of output: 601

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🧹 Outside diff range and nitpick comments (2)

src/handlers/auth.js (2)

97-97: Consider optimizing the void operator placement

While using void to explicitly ignore the return value is correct, consider using await void route(routerClient) instead of void await route(routerClient) for better clarity. Both achieve the same result, but await void is more commonly used as it makes it clearer that we're awaiting the operation while discarding its result.

-    return void await route(routerClient);
+    return await void route(routerClient);

---

Line range hint 97-122: Consider adding documentation about void operator usage

The consistent use of void operator to address the "API handler should not return a value" warning is a valid approach. However, consider adding a comment explaining why this pattern is necessary, as it might not be immediately obvious to other developers.

Add a comment like this at the top of the file:

/**
 * Note: We explicitly use the `void` operator to prevent API handlers from returning values,
 * which can trigger Next.js warnings. This ensures that responses are handled through the
 * appropriate Next.js mechanisms (Response object for App Router, res.status().end() for Pages Router).
 */

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 9c99f2f and b9aea2e.

📒 Files selected for processing (4)

• src/handlers/auth.js (2 hunks)
• src/handlers/callback.ts (1 hunks)
• src/handlers/login.js (1 hunks)
• src/handlers/logout.js (1 hunks)

🔇 Additional comments (8)

src/handlers/login.js (1)

26-26: LGTM! The change addresses the API handler warning.

The use of void operator ensures the handler doesn't return a value, which resolves the "API handler should not return a value" warning while maintaining the redirect functionality.

Let's verify if this approach aligns with Next.js best practices:

✅ Verification successful

The void operator usage is consistent with protected API route handlers pattern

The verification shows that:

• The void operator pattern is consistently used across multiple API handlers (login.js, logout.js, auth.js)
• The codebase includes a protectApi higher-order function specifically designed for Next.js API route handlers
• The handlers are properly documented with JSDoc comments indicating their role as API route handlers
• The pattern ensures handlers don't return values while maintaining their functionality

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Search for Next.js API handler patterns in the codebase and documentation

# Check if there are similar patterns in other API handlers
rg -A 2 "return void" --type js

# Look for Next.js API handler documentation or comments
rg -i "api.*handler.*return" --type md

Length of output: 534

---

Script:

#!/bin/bash
# Let's search for more context about API handlers and their patterns

# Look for API handler related imports and configurations
rg -A 2 "import.*handler|export.*handler" --type js

# Search for comments or documentation about API handlers
rg -B 2 -A 2 "@api|API.*handler" --type js --type ts

# Check if there are any Next.js configuration files
fd -e js -e ts -e json "next.config"

# Look for any documentation about API routes
fd README md -x cat {} \; | rg -i "api|route|handler"

Length of output: 1406

src/handlers/callback.ts (5)

40-40: LGTM: Proper use of void operator in error handling

The addition of void operator here correctly prevents the API handler from returning a value while maintaining the error response functionality.

---

44-44: LGTM: Correct handling of absolute URL redirects

The void operator is appropriately used here to prevent value return while maintaining redirect functionality for absolute URLs.

---

46-48: LGTM: Proper handling of relative URL redirects

The void operator is correctly applied to the relative URL redirect, maintaining consistent behavior with the rest of the changes.

---

51-51: LGTM: Proper default redirect handling

The void operator is appropriately used for the default redirect case.

---

40-51: Verify the impact on error handling and redirects

While the changes look correct, let's verify that error handling and redirects still work as expected.

✅ Verification successful

Error handling and redirects implementation is consistent across handlers

The verification shows that the error handling and redirects in the callback handler are consistent with patterns used across the codebase:

• Error responses consistently use routerClient.json({error: ...}) with appropriate status codes
• Redirect handling is uniform across auth-related handlers (login, logout, register, createOrg) using routerClient.redirect()
• The conditional redirect logic in callback.ts follows the same pattern as other handlers, properly handling both absolute URLs and relative paths by prepending the site URL when needed

The changes maintain the established error handling and redirect patterns used throughout the codebase.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for similar patterns in other Next.js API handlers
# and verify consistent error handling approaches

# Look for other API handlers with similar patterns
echo "Checking for similar API handler patterns..."
rg -t typescript "return.*routerClient\.(json|redirect)" --no-filename

# Look for error handling patterns in API routes
echo "Checking error handling patterns in API routes..."
rg -t typescript "catch.*error.*return.*routerClient\." --no-filename

Length of output: 422

---

Script:

#!/bin/bash
# Let's try without typescript file type specification
echo "Checking for similar API handler patterns..."
rg "return.*routerClient\.(json|redirect)" -A 2

echo "Checking error handling patterns..."
rg "catch.*error.*return.*routerClient\." -A 2

# Also check for general error handling patterns
echo "Checking general error handling patterns..."
rg "routerClient\.json\(\{error:" -A 2

Length of output: 2198

src/handlers/auth.js (2)

121-122: LGTM! Changes align with Next.js Pages Router patterns

The use of void here is appropriate as we want to explicitly ignore the return values while maintaining proper response handling through the res object.

---

99-99: Verify if Response object should be returned directly

In Next.js App Router, Response objects are typically returned directly to allow proper handling by the framework. Using void here might prevent the 404 response from being properly handled.

Let's verify the Next.js documentation and similar patterns in the codebase: