add profile image #139
add profile image #139
Conversation
|
This pull request is being automatically deployed with Vercel (learn more). 🔍 Inspect: https://vercel.com/developdao/dao-job-board/5ytcsqcrxCAtx2kwHbJHr7kGVKGK |
|
@allcontributors please add @diegoalzate for code |
|
I've put up a pull request to add @diegoalzate! 🎉 |
There was a problem hiding this comment.
Looks good overall thank you @diegoalzate 🎉
I've requested some minor changes. But I also noticed that yarn.lock was removed and package-lock.json is added, I am not entirely sure if this is a problem but would like to request your review 👀 on this PR @with-heart @Dhaiwat10
…emoved style components from package.json
| import { Web3Storage } from 'web3.storage'; | ||
|
|
||
| export const makeStorageClient = () => { | ||
| return new Web3Storage({ token: process.env.WEB3STORAGE_TOKEN ?? '' }); |
There was a problem hiding this comment.
Currently this token will be exposed in our front-end bundle, meaning any malicious actor can take this and put an infinite amount of files. Do we want to make this part of user-retrieval, ...? Or is this token scoped to only read?
There was a problem hiding this comment.
Hi @JoviDeCroock, you're completely right about it being available to malicious actors. How can i not expose the token? I was not aware that it would be exposed in our front end bundle.
There was a problem hiding this comment.
We can do this as a follow-up issue as we're not live yet but I'd suggest incorporating this in our api-routes so /ap/upload-avatar which will stream fe --> api-route --> web3.storage this makes our tokens safely stored in a serverless function and away from our users
There was a problem hiding this comment.
Yeah definitely make an API route for this. You don't wanna expose it to the browser.
There was a problem hiding this comment.
@carlomigueldy True i didnt notice that I removed the yarn.lock, i did a back merge to fix conflicts with the new changes that were uploaded to main but something obviously went wrong along the way. Just let me know how i should fix it :) |
| src="/DevDAO.png" | ||
| alt="developer" | ||
| /> | ||
| <AddAvatar src="/DevDAO.png" /> |
There was a problem hiding this comment.
A page file should not accept any props. Please see my comment above. Basically, if anyone vistis the create-profile/add-avatar route, will render automatically since it's the default export from the file named add-avatar.tsx.
You should be just redirecting the user to that route.
There was a problem hiding this comment.
I get that pages shouldn't accept any props, in this case I thought a component was the solution to the issue
| export const ButtonGreen = ({ children, as, onClick }: ChakraButtonProps) => { | ||
| return ( | ||
| <Button | ||
| size="sm" | ||
| bgColor="#38A169" | ||
| textColor="white" | ||
| _hover={{ cursor: 'pointer', bg: '#2F855A' }} | ||
| m="5px" | ||
| ms="0px" | ||
| w="auto" | ||
| fontSize="14px" | ||
| onClick={onClick} | ||
| as={as} | ||
| > | ||
| {children} | ||
| </Button> | ||
| ); | ||
| }; |
There was a problem hiding this comment.
I'm seeing a lot of repetition in this file. Most of these variants of the Chakra Button component share most of their props. Can we clean this up?
There was a problem hiding this comment.
True, I don't remember changing this page it might just be style changes that show up in the git log, I'll look into it either way 😃
There was a problem hiding this comment.
These buttons will probably be changed, but you're right about cleaning the code
Yo @diegoalzate ! Just delete all And then we're ready to merge this in! |
@carlomigueldy sounds great, just pushed these changes, not sure why it says i dismissed @Dhaiwat10 stale review :/ |
Whoops sorry, I think it was the branch rules that I put. I removed that rule instead so it doesn't get dismissed unintentionally |
Overview
This PR adds an upload profile image functionality to the create-profile page
ISSUE
In order to create this i installed the following packages:
How the AddAvatar component works
Firstly, i checked the supabase client and hooks were being created, very cool btw. So i followed that arcihtecture and stored the web3StorageClient in the common folder
note: this whole functionality requires a web3Storage token to be added to doppler, as of right now this token is associated to my account, ill leave this up to you guys @carlomigueldy @angeljgomezc @Dhaiwat10
AddAvatarComponent
This component recieves a src as a prop which will be the image that is rendered initially.
hoverImage.hoverImagechanges with thetoggleHoverfunction that is triggered by the eventsonMouseLeavewhile it is a div with a background image andonMouseEnterwhile it is just an image component, in order to show a button while mouse is over the image and remove it when it is no longer there.submitProfilePicture, this function shows what we send to web3Storage and what they return, i added a todo so the result is updated in db