🛂 (radar) Correctly block banned IP event when signing in with oauth providers

apps/builder/src/features/auth/components/SignInError.tsx

@@ -17,9 +17,10 @@ export const SignInError = ({ error }: Props) => {
     OAuthAccountNotLinked: t('auth.error.oauthNotLinked'),
     default: t('auth.error.unknown'),
   }
+  if (!errors[error]) return null
   return (
     <Alert status="error" variant="solid" rounded="md">
-      {errors[error] ?? errors[error]}
+      {errors[error]}
     </Alert>
   )
 }

apps/builder/src/features/auth/components/SignInForm.tsx

@@ -65,6 +65,17 @@ export const SignInForm = ({
     })()
   }, [status, router])
 
+  useEffect(() => {
+    if (!router.isReady) return
+    if (router.query.error === 'ip-banned') {
+      showToast({
+        status: 'info',
+        description:
+          'Your account has suspicious activity and is being reviewed by our team. Feel free to contact us.',
+      })
+    }
+  }, [router.isReady, router.query.error, showToast])
+
   const handleEmailChange = (e: ChangeEvent<HTMLInputElement>) =>
     setEmailValue(e.target.value)
 

apps/builder/src/pages/api/auth/[...nextauth].ts

@@ -139,6 +139,7 @@ export const getAuthOptions = ({
   pages: {
     signIn: '/signin',
     newUser: env.NEXT_PUBLIC_ONBOARDING_TYPEBOT_ID ? '/onboarding' : undefined,
+    error: '/signin',
   },
   events: {
     signIn({ user }) {
@@ -199,12 +200,12 @@ const handler = async (req: NextApiRequest, res: NextApiResponse) => {
 
   if (
     env.RADAR_HIGH_RISK_KEYWORDS &&
-    req.url?.startsWith('/api/auth/signin') &&
-    req.method === 'POST'
+    ((req.method === 'POST' && req.url?.startsWith('/api/auth/signin')) ||
+      (req.method === 'GET' && req.url?.startsWith('/api/auth/callback')))
   ) {
     const ip = getIp(req)
     if (ip) {
-      const isIpBanned = await prisma.bannedIp.findFirst({
+      const isIpBanned = await prisma.bannedIp.count({
         where: {
           ip,
         },