Scott.Idem/OSIT-AE-App-Svelte
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(idaa): fix Novi UUID verification — stuck spinner, repeat calls, impersonation

Browse Source 
Critical bugs fixed:
- $derived(() => {}) stored the function itself; uuid/api_key were always
  undefined so verification never fired. Fixed to $derived.by(() => {}).
- novi_verifying pre-initialized to true (flash prevention) was also used as
  the concurrency guard — guard saw it as in-flight and exited immediately,
  leaving the spinner stuck forever. Split into separate verify_in_flight flag.
- $idaa_loc reads in dedupe snapshot (outside untrack) subscribed the effect
  to idaa_loc writes, causing needless re-runs post-verification.
- Rate limit was not UUID-aware: 429 on one UUID blocked impersonation
  (new UUID). TTL and rate-limit guards now both bypass when UUID changes.

Also includes: store defaults for novi_verified_ts + novi_rate_limited_until,
docs update, iframe template g_uuid param (prior agent changes).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Scott Idem
2026-03-27 13:38:42 -04:00
parent 9d44b9341c
commit 19d0145d00
4 changed files with 179 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
static/idaa_novi_iframe_jitsi_meeting.html
View File

@@ -29,11 +29,15 @@
let novi_customer_uid = '<%=Novi.User.CustomerUniqueId%>'; // NOTE: The Novi UUID for the current current user/customer
console.log(`Novi's Current User's ID: ${novi_customer_uid}`);
let novi_group_uid = 'check-Novi-Group-UID';
// let novi_category_id = ''; // Not in use yet or at all?
// NOTE: Change the room_name value to the desired Jitsi room name for the meeting.
// Example meeting room names:
// 'IDAA-Meeting' 'IDAA-Student-and-Resident-Meeting' 'IDAA-Couples-Meeting' 'IDAA-BIPOC-Meeting'
let room_name = 'IDAA-Example-Meeting'; // // NOTE: Change this example meeting room name
// Example meeting room names: 'IDAA-Meeting' 'IDAA-Student-and-Resident-Meeting'
// let novi_group_id = ''; // Not in use yet
// let novi_category_id = ''; // Not in use yet
// WARNING:Do *not* use relative paths here. They must be direct to the site OSIT is hosting for IDAA. This value must point to the Svelte Jitsi page.
let idaa_osit_ae_api_root_url =
@@ -50,7 +54,7 @@
);
idaa_ae_iframe_element.src =
`${idaa_osit_ae_api_root_url}?uuid=${novi_customer_uid}&iframe=true&key=${idaa_osit_ae_site_key}&room=${room_name}`
`${idaa_osit_ae_api_root_url}?uuid=${novi_customer_uid}&g_uuid=${novi_group_uid}&iframe=true&key=${idaa_osit_ae_site_key}&room=${room_name}`
;
</script>