feat: Consolidate Apollo Client, update CSRF logic, and related refactors (#4006)

[DhineshPonnarasan]

Consolidate Apollo Client & Refactor CSRF Logic

Overview

This PR consolidates all Apollo Client logic into a single, shared implementation and refactors CSRF handling for improved reliability and SSR/client boundary safety. It also cleans up related files, updates imports, and removes redundant code.

Key Changes

Apollo Client Consolidation

Merged multiple apolloClient.ts implementations into a single shared file at apolloClient.ts.
Removed old and redundant Apollo Client files from server and helpers.
Updated all imports across the codebase to use the new shared Apollo Client.

CSRF Logic Refactor

Refactored fetchCsrfToken.ts for robust, server-only CSRF token fetching.
Improved error handling and boundary safety for SSR/client scenarios.

Algolia Search & Utility Updates

Cleaned up fetchAlgoliaData.ts to remove shell output and ensure valid TypeScript.
Added debug logging for easier troubleshooting.
Updated utility and error handling files for consistency.

General Cleanup

Removed unused or duplicate files.
Updated and cleaned up related files and imports.
Added/updated appError.ts for unified error handling.
Added/updated run_app.bat for easier local development.

Motivation

Reduce code duplication and maintenance overhead.
Ensure Apollo Client and CSRF logic are robust, secure, and SSR-safe.
Fix build/runtime errors and improve developer experience.
Prepare the codebase for future enhancements and easier onboarding.

Testing

All changes build and run locally without errors.
Manual testing of authentication, search, and Apollo queries/mutations.
Verified SSR/client boundaries and error handling.

Checklist

• Consolidated Apollo Client logic
• Refactored CSRF handling
• Updated all imports and removed redundant files
• Verified build and runtime correctness
• Added/updated documentation and scripts as needed

Please review and let me know if any further changes are needed!

[coderabbitai]

Caution

Review failed

The pull request is closed.

Summary by CodeRabbit

• New Features

  • Added a Windows script to quickly start the local Docker environment.

• Refactor

  • Unified and hardened the app’s data-fetching client with environment-aware behavior, CSRF handling, and improved error reporting.
  • Enhances reliability for authentication and data loading across chapters, committees, community snapshots, members, organizations, repositories, and projects pages.

• Chores

  • Updated internal imports to use the new client location for consistency.

Walkthrough

This PR refactors Apollo Client initialization from a server-specific module to a unified lib module with environment-aware setup, adds runtime validation guards in the auth route, updates CSRF token handling, introduces error utilities, and relocates imports across multiple layout files. Additionally, a Docker automation script is added.

Changes

Cohort / File(s)	Summary
Apollo Client Reorganization frontend/src/lib/apolloClient.ts, frontend/src/server/apolloClient.ts	New centralized Apollo Client setup at lib/apolloClient.ts with environment-specific initialization (server SSR mode, CSRF token handling, client-side cache). Old server module removed entirely.
Layout Import Updates frontend/src/app/chapters/[chapterKey]/layout.tsx, frontend/src/app/committees/[committeeKey]/layout.tsx, frontend/src/app/community/snapshots/[id]/layout.tsx, frontend/src/app/members/[memberKey]/layout.tsx, frontend/src/app/organizations/[organizationKey]/layout.tsx, frontend/src/app/organizations/[organizationKey]/repositories/[repositoryKey]/layout.tsx, frontend/src/app/projects/[projectKey]/layout.tsx	Updated apolloClient import paths from server/apolloClient to lib/apolloClient across multiple layout files with adjusted relative paths.
Auth Route Updates frontend/src/app/api/auth/[...nextauth]/route.ts	Added explicit runtime validation to throw Error if Apollo Client is not initialized in checkIfProjectLeader and checkIfMentor functions; updated import path to new centralized apolloClient module.
Error Handling Infrastructure frontend/src/utils/appError.ts	New module introducing AppError class extending Error with status property and handleAppError utility function for error logging.
CSRF Token Management frontend/src/server/fetchCsrfToken.ts, frontend/src/server/fetchAlgoliaData.ts	Added server-only guard to fetchCsrfToken; updated fetchAlgoliaData to fetch and attach CSRF token to request headers and use new AppError import.
Utility & Provider Updates frontend/src/utils/utility.ts, frontend/src/utils/helpers/apolloClient.ts, frontend/src/wrappers/provider.tsx	Removed old Apollo Client helper module; converted getCsrfToken from async to synchronous; updated provider import path to new centralized apolloClient.
Docker Automation run_app.bat	New batch script for automating Docker Compose setup with local configuration.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• Created Module and program pages #1717 — Modifies the same auth route functions (checkIfProjectLeader, checkIfMentor) with Apollo Client checks and imports.
• Added Metadata for dynamic pages and static pages #1414 — Refactors Apollo client and CSRF token integration in server modules and related imports.
• Implement OWASP Nest GitHub authentication #1634 — Updates frontend auth flow and Apollo Client setup with overlapping changes to authentication and apolloClient infrastructure.

Suggested labels

docker

Suggested reviewers

• kasya
• arkid15r

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

PR validation failed: No linked issue and no valid closing issue reference in PR description

[sonarqubecloud]

Quality Gate passed

Issues
6 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[cubic-dev-ai]

1 issue found across 19 files

Confidence score: 4/5

• This PR looks safe to merge overall; the only noted issue is a small Windows batch usability concern rather than core logic.
• run_app.bat uses cd %~dp0, which can fail on drive changes or paths with spaces, potentially breaking script execution in those setups.
• Pay close attention to run_app.bat - ensure directory change handles drive letters and spaces.

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="run_app.bat">

<violation number="1" location="run_app.bat:2">
P2: Windows batch `cd %~dp0` should use `cd /d "%~dp0"` to handle drive changes and paths with spaces</violation>
</file>

---

Since this is your first cubic review, here's how it works:

• cubic automatically reviews your code and comments on bugs and improvements
• Teach cubic by replying to its comments. cubic learns from your replies and gets better over time
• Add one-off context when rerunning by tagging @cubic-dev-ai with guidance or docs links (including llms.txt)
• Ask questions if you need clarification on any suggestion

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

P2: Windows batch cd %~dp0 should use cd /d "%~dp0" to handle drive changes and paths with spaces

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At run_app.bat, line 2:

<comment>Windows batch `cd %~dp0` should use `cd /d "%~dp0"` to handle drive changes and paths with spaces</comment>

<file context>
@@ -0,0 +1,3 @@
+@echo off
+cd %~dp0
+docker compose -f docker-compose\local\compose.yaml --project-name nest-local up -d --build
</file context>