Skip to content

docs: clarify passwordless code vs magic link flows in EXAMPLES.md#1580

Merged
subhankarmaiti merged 2 commits into
masterfrom
docs/passwordless-code-vs-link-flow
Jun 26, 2026
Merged

docs: clarify passwordless code vs magic link flows in EXAMPLES.md#1580
subhankarmaiti merged 2 commits into
masterfrom
docs/passwordless-code-vs-link-flow

Conversation

@subhankarmaiti

@subhankarmaiti subhankarmaiti commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

Splits the passwordless example into separate code and magic link flows, documenting that the code flow is SDK-handled via loginWithEmail while the magic link flow completes server-side and requires handling the deep-link callback.

Summary by CodeRabbit

  • Documentation
    • Clarified passwordless email behavior for send: 'code' (code flow) versus send: 'link' (magic link), including the recommended path.
    • Updated the passwordless example to align with supported email flow behavior.
    • Rewrote the React Native magic-link walkthrough with end-to-end deep-link handling for both cold start and in-app callbacks.
    • Added a reminder that the app is responsible for securely processing returned tokens and deep-link callbacks.

@subhankarmaiti subhankarmaiti requested a review from a team as a code owner June 26, 2026 05:31
@coderabbitai

coderabbitai Bot commented Jun 26, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 9f6680b8-f2fa-4650-9a79-753a96d9aad6

📥 Commits

Reviewing files that changed from the base of the PR and between 0976d17 and 2052e3d.

📒 Files selected for processing (1)
  • EXAMPLES.md
🚧 Files skipped from review as they are similar to previous changes (1)
  • EXAMPLES.md

📝 Walkthrough

Walkthrough

EXAMPLES.md now separates Passwordless send: 'code' and send: 'link' usage, updates the code-flow example, and replaces the magic-link walkthrough with deep-link callback handling and token extraction.

Changes

Passwordless example documentation

Layer / File(s) Summary
Code flow guidance
EXAMPLES.md
The Passwordless code-flow section clarifies supported send values and updates the example start call to send: 'code'.
Magic link callback handling
EXAMPLES.md
The magic-link section adds a send: 'link' flow and shows how to read tokens from the deep-link URL fragment with Linking.getInitialURL() and Linking.addEventListener('url', ...).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 I hopped through docs both neat and bright,
code and link now dart in sight.
Deep links wink; the tokens gleam,
My whiskers twitch at every stream.
Hop hop—this guide feels just right!

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the main docs change: clarifying passwordless code and magic link flows in EXAMPLES.md.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch docs/passwordless-code-vs-link-flow

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
EXAMPLES.md (1)

302-306: 🧹 Nitpick | 🔵 Trivial | 💤 Low value

Note the need to clean up the url event listener.

The example stores the subscription from Linking.addEventListener('url', ...) but doesn't show removing it. Consider adding a brief note that the listener should be removed when no longer needed (e.g., on component unmount) to avoid memory leaks or duplicate handling.

📝 Suggested addition
// Remember to clean up the listener when your component unmounts
// subscription.remove();
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@EXAMPLES.md` around lines 302 - 306, The `Linking.addEventListener('url',
...)` example in `EXAMPLES.md` stores a `subscription` but never mentions
cleanup, so update the `subscription` example to note that the listener should
be removed when it is no longer needed, such as on component unmount. Add a
brief follow-up comment near the `parseTokensFromUrl` example showing that the
returned subscription must be cleaned up with its `remove` method to avoid leaks
or duplicate handling.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@EXAMPLES.md`:
- Around line 283-292: Add id_token to the token parsing example in
parseTokensFromUrl so the documented fragment parsing matches Auth0 responses
when openid is requested. Update the returned object in parseTokensFromUrl to
extract id_token alongside accessToken, expiresIn, scope, and tokenType, keeping
the example consistent with the shown URL and expected identity claims.

---

Nitpick comments:
In `@EXAMPLES.md`:
- Around line 302-306: The `Linking.addEventListener('url', ...)` example in
`EXAMPLES.md` stores a `subscription` but never mentions cleanup, so update the
`subscription` example to note that the listener should be removed when it is no
longer needed, such as on component unmount. Add a brief follow-up comment near
the `parseTokensFromUrl` example showing that the returned subscription must be
cleaned up with its `remove` method to avoid leaks or duplicate handling.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: ba21be83-15c4-4604-bf88-e31ee77afe21

📥 Commits

Reviewing files that changed from the base of the PR and between 6a9637d and 0976d17.

📒 Files selected for processing (1)
  • EXAMPLES.md

Comment thread EXAMPLES.md
@subhankarmaiti subhankarmaiti merged commit 19c75a6 into master Jun 26, 2026
5 checks passed
@subhankarmaiti subhankarmaiti deleted the docs/passwordless-code-vs-link-flow branch June 26, 2026 05:59
@subhankarmaiti subhankarmaiti mentioned this pull request Jun 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants