[HOLD for payment 2023-06-19] [$1000] Web - Login - "Incorrect magic code" error if click "Go back" in 2FA input page

[kavimuru]

If you haven’t already, check out our contributing guidelines for onboarding and email contributors@expensify.com to request to join our Slack channel!

---

Action Performed:

Precondition - User has setup a 2FA to log into account

1. Open https://staging.new.expensify.com/

2. Input email for account from the precondition

3. Click "Continue"
   4.Input magic code

4. Click "Continue

5. Click "Go back"

Expected Result:

User lands in login page with no errors

Actual Result:

User lands in login page with an error about incorrect magic code displayed - "Incorrect magic code. Please try again or request a new code".

Workaround:

Can the user still use Expensify without this being fixed? Have you informed them of the workaround?

Platforms:

Which of our officially supported platforms is this issue occurring on?

• Android / native
• Android / Chrome
• iOS / native
• iOS / Safari
• MacOS / Chrome / Safari
• MacOS / Desktop

Version Number: 1.3.19-2
Reproducible in staging?: y
Reproducible in production?: y
If this was caught during regression testing, add the test name, ID and link from TestRail:
Email or phone of affected tester (no customers):
Logs: https://stackoverflow.com/c/expensify/questions/4856
Notes/Photos/Videos: Any additional supporting documentation

Bug6069882_Recording__607.mp4

Expensify/Expensify Issue URL:
Issue reported by: Applause internal team
Slack conversation:

View all open jobs on GitHub

Upwork Automation - Do Not Edit

• Upwork Job URL: https://www.upwork.com/jobs/~0117c06543ed99c789
• Upwork Job ID: 1663137767104331776
• Last Price Increase: 2023-05-29

[melvin-bot]

Triggered auto assignment to @bfitzexpensify (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details.

[melvin-bot]

Bug0 Triage Checklist (Main S/O)

• This "bug" occurs on a supported platform (ensure Platforms in OP are ✅)
• This bug is not a duplicate report (check E/App issues and #expensify-bugs)
  • If it is, comment with a link to the original report, close the issue and add any novel details to the original issue instead
• This bug is reproducible using the reproduction steps in the OP. S/O
  • If the reproduction steps are clear and you're unable to reproduce the bug, check with the reporter and QA first, then close the issue.
  • If the reproduction steps aren't clear and you determine the correct steps, please update the OP.
• This issue is filled out as thoroughly and clearly as possible
  • Pay special attention to the title, results, platforms where the bug occurs, and if the bug happens on staging/production.
• I have reviewed and subscribed to the linked Slack conversation to ensure Slack/Github stay in sync

[hoangzinh]

Proposal

Please re-state the problem that we are trying to solve in this issue.

Redirects to authenticator code screen again when user clicks go back to change email when 2FA enabled

What is the root cause of that problem?

Because when we click on text link "Go back". It will clear all the sign in data

If we are on 2FA screen, it will unmount and mount again MagicCodeInput component again to prepare for input magic code => Which will trigger this line in useEffect to sign in when we already has enough magic code digits. Because, when we clear data, we haven't cleared validateCode too so it will try to submit SignIn with current magic codes (because it has enough 6 digits already).

What changes do you think we should make in order to solve the problem?

We need to clear validateCode too in this line.

this.setState({twoFactorAuthCode: '', formError: {}, validateCode: ''});

So it will prevent to submit magic codes when we go back to input email screen.

[Nathan-Mulugeta]

Hello team I just wanted to let you know I originally reported this issue here on slack.

[bfitzexpensify]

Reproduced.

[melvin-bot]

Job added to Upwork: https://www.upwork.com/jobs/~0117c06543ed99c789

[melvin-bot]

Current assignee @bfitzexpensify is eligible for the External assigner, not assigning anyone new.

[melvin-bot]

Triggered auto assignment to Contributor-plus team member for initial proposal review - @rushatgabhane (External)

[melvin-bot]

Triggered auto assignment to @tgolen (External), see https://stackoverflow.com/c/expensify/questions/7972 for more details.

[aidear3]

I can fix this bug. Let's discuss more detail.

[melvin-bot]

📣 @JavSFDev! 📣
Hey, it seems we don’t have your contributor details yet! You'll only have to do this once, and this is how we'll hire you on Upwork.
Please follow these steps:

1. Get the email address used to login to your Expensify account. If you don't already have an Expensify account, create one here. If you have multiple accounts (e.g. one for testing), please use your main account email.
2. Get the link to your Upwork profile. It's necessary because we only pay via Upwork. You can access it by logging in, and then clicking on your name. It'll look like this. If you don't already have an account, sign up for one here.
3. Copy the format below and paste it in a comment on this issue. Replace the placeholder text with your actual details.
   
   Format:

Contributor details
Your Expensify account email: <REPLACE EMAIL HERE>
Upwork Profile Link: <REPLACE LINK HERE>

[melvin-bot]

Current assignee @bfitzexpensify is eligible for the External assigner, not assigning anyone new.

[melvin-bot]

Current assignee @rushatgabhane is eligible for the External assigner, not assigning anyone new.

[melvin-bot]

Triggered auto assignment to @luacmartins (External), see https://stackoverflow.com/c/expensify/questions/7972 for more details.

[hoangzinh]

@rushatgabhane @luacmartins PR is ready #19944. Please help me review it. Thanks

[avi-shek-jha]

@luacmartins @rushatgabhane Seems this issue is similar.

[melvin-bot]

@hoangzinh, @luacmartins, @rushatgabhane, @bfitzexpensify Whoops! This issue is 2 days overdue. Let's get this updated quick!

[hoangzinh]

Melvin, PR is merged. Waiting for QA testing & deploy to production.

[melvin-bot]

Reviewing label has been removed, please complete the "BugZero Checklist".

[melvin-bot]

The solution for this issue has been 🚀 deployed to production 🚀 in version 1.3.26-4 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue:

• Fix "Incorrect magic code" error if click "Go back" in 2FA input page #19944

If no regressions arise, payment will be issued on 2023-06-19. 🎊

After the hold period is over and BZ checklist items are completed, please complete any of the applicable payments for this issue, and check them off once done.

• External issue reporter
• Contributor that fixed the issue
• Contributor+ that helped on the issue and/or PR

As a reminder, here are the bonuses/penalties that should be applied for any External issue:

• Merged PR within 3 business days of assignment - 50% bonus
• Merged PR more than 9 business days after assignment - 50% penalty

[melvin-bot]

BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:

• [@rushatgabhane] The PR that introduced the bug has been identified. Link to the PR:
• [@rushatgabhane] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:
• [@rushatgabhane] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:
• [@rushatgabhane] Determine if we should create a regression test for this bug.
• [@rushatgabhane] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.
• [@bfitzexpensify] Link the GH issue for creating/updating the regression test once above steps have been agreed upon:

[rushatgabhane]

Won't be able to complete the checklist this week. (We can make this a weekly if that's okay)

[bfitzexpensify]

No problem @rushatgabhane - let's leave it a daily for the moment just so the priority is still correct, but noted that it won't be completed until next week

[bfitzexpensify]

@rushatgabhane just a reminder to complete the checklist this week when you get a chance - thanks!

[rushatgabhane]

1. The PR that introduced the bug has been identified. Link to the PR: Fix: Entering the incorrect magic code spins the 'sign-in' button continuously offline #18960

2. The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment: https://github.com/Expensify/App/pull/18960/files#r1242778125

3. A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion: Not needed imo

4. Determine if we should create a regression test for this bug. No

[rushatgabhane]

Hey @bfitzexpensify, Anu is setting up global payments through new expensify for us. It might take another week or two, and we'll have the clarity of next steps for payment.

Until then, we could make this a weekly issue? I hope this is okay :)

https://expensify.slack.com/archives/C02NK2DQWUX/p1687451792686509?thread_ts=1686871517.189609&cid=C02NK2DQWUX

[bfitzexpensify]

@rushatgabhane thanks for completing the checklist!

Happy to switch this to a weekly. Just a note on that — that means I won't be checking this issue every day, so if you can ping here once the new payment method is ready to go, I'll get that payment processed ASAP.

[rushatgabhane]

Hi @bfitzexpensify, I made a manual request on new dot https://staging.new.expensify.com/r/7305054148899705
Thank you for your patience

[rushatgabhane]

This is paid on new dot!
P.S. manual requests can only be paid by Anu or Jason for now

[bfitzexpensify]

Awesome — OK, we can close this out, thanks everyone!