Prompt inline account selection when auth fails for wrong account#7329
Prompt inline account selection when auth fails for wrong account#7329VitaliiMotorko wants to merge 1 commit intoShopify:mainfrom
Conversation
When a command like `shopify theme dev` fails with an authorization error because the user is logged into the wrong account, instead of just showing an error and requiring a separate `shopify auth login`, the CLI now shows the account selection prompt inline and retries authentication. This only applies to interactive terminals — CI and non-interactive environments preserve the existing error behavior.
|
I have signed the CLA! |
There was a problem hiding this comment.
Pull request overview
This PR reduces friction when a user is authenticated to the “wrong” account for a target store by, on InvalidTargetError in interactive terminals, showing a warning, prompting for account selection inline, and retrying authentication once.
Changes:
- Export
InvalidTargetErrorfrom the token exchange module so it can be handled upstream. - Wrap
ensureAuthenticatedwith retry logic that prompts for account selection (interactive only) onInvalidTargetError. - Add unit tests covering retry/no-prompt/non-interactive/double-failure scenarios.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| packages/cli-kit/src/private/node/session/exchange.ts | Exports InvalidTargetError for upstream handling. |
| packages/cli-kit/src/private/node/session.ts | Adds InvalidTargetError catch → warning + account prompt + single retry (interactive only). |
| packages/cli-kit/src/private/node/session.test.ts | Adds tests validating retry and guard conditions. |
| .changeset/prompt-account-switch-on-auth-error.md | Adds changeset documenting the new behavior. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| export async function ensureAuthenticated( | ||
| applications: OAuthApplications, | ||
| _env?: NodeJS.ProcessEnv, | ||
| options: EnsureAuthenticatedAdditionalOptions = {}, | ||
| ): Promise<OAuthSession> { |
There was a problem hiding this comment.
ensureAuthenticated still accepts an _env parameter (and the JSDoc says it affects behavior), but it’s not used anywhere in the implementation. This makes the API misleading (callers like public/node/session.ts pass an env expecting it to be honored). Consider either wiring env through to the helpers that read from process.env (e.g., firstPartyDev, getIdentityTokenInformation, etc.) or removing the parameter/JSDoc to avoid implying it has an effect.
There was a problem hiding this comment.
Good catch, but this is pre-existing behavior — the _env parameter was already unused (prefixed with _) before this PR. This change preserves the existing function signature to avoid breaking callers. Removing or wiring up _env would be a separate refactor outside the scope of this PR.
WHY
When running commands like
shopify theme dev -s storewhile logged into the wrong account, the CLI shows an error message suggesting to runshopify auth loginseparately. This requires the user to:shopify auth loginThis is unnecessary friction for developers working with multiple stores/accounts.
WHAT
When authentication fails with an
InvalidTargetError(wrong account for the target store), the CLI now:shopify auth login)This only triggers in interactive terminals. CI and non-interactive environments preserve the existing error-and-exit behavior.
Changes
exchange.ts: ExportInvalidTargetErrorso it can be caught upstreamsession.ts: WrapensureAuthenticatedwith retry logic that catchesInvalidTargetError, shows account selector viapromptSessionSelect(), and retries oncesession.test.ts: 5 new tests covering retry on full auth, retry on refresh, noPrompt, non-interactive terminal, and double-failure scenariosBefore
After
How to test
shopify auth loginshopify theme dev -s <store-you-dont-have-access-to>Checklist
terminalSupportsPrompting()guardpnpm changeset addnoPrompt: true)