Add email (OTP) credentials setup to init scripts

[VasuS609]

Changes Made

Added email setup section in init.sh and init.ps1, and Added prompts for sender email and app password during initialization.
Configured the credentials to be stored as project environment variables.
Followed the existing structure used for MeiliSearch and Livekit setup.

Testing

Verified that email credentials are prompted and stored correctly.
Confirmed that the initialization flow remains smooth and consistent.
Ensured no regressions or breaking changes in existing functionality.

Summary by CodeRabbit

• New Features

  • Email (OTP) setup integrated into initialization: prompts for sender email and app password, securely captures and stores credentials.

• Chores

  • Enhanced initialization workflow and Livekit credential prompts for clearer setup.
  • Added robust failure checks during environment-variable pushes and a final success message after setup completion.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

The init scripts now add an interactive Email (OTP) setup that collects sender email and app password, validates them, securely converts/stores the password (PowerShell), and pushes SENDER_MAIL and SENDER_PASSWORD to Appwrite. The Bash script also expands and reorders Livekit environment variable prompts and pushes.

Changes

Cohort / File(s)	Summary
OTP Email prompts & Appwrite pushes init.ps1, init.sh	Interactive prompts to collect sender email and sender app password; validation loops; conversion to plaintext in PowerShell with secure cleanup; push SENDER_MAIL and SENDER_PASSWORD as Appwrite project variables with exit checks.
Livekit env var additions & ordering init.sh	Added/reordered prompts and push operations for LIVEKIT_HOST, LIVEKIT_SOCKET_URL, LIVEKIT_API_KEY, and LIVEKIT_API_SECRET with exit-status checks after each push.
Generic env push robustness init.ps1	Added exit-status/error checks after pushing several existing variables (Appwrite API key/endpoint, MeiliSearch endpoint/admin key, Livekit vars) and a final success message.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    participant User
    participant Script as init.sh / init.ps1
    participant Appwrite
    Note over Script: Start interactive setup
    User->>Script: provide Appwrite creds, Meili/Livekit inputs
    Script->>Appwrite: push APPWRITE_KEY / ENDPOINT / MEILISEARCH_*
    Appwrite-->>Script: ack / error
    alt push success
        Script->>User: prompt for Sender Email
        User-->>Script: enter email
        Script->>User: prompt for Sender Password
        User-->>Script: enter password
        Script->>Script: (PS) convert secure string -> plaintext, cleanup finally
        Script->>Appwrite: push SENDER_MAIL / SENDER_PASSWORD
        Appwrite-->>Script: ack / error
        Script->>User: success message
    else push failure
        Script->>User: abort with error
    end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

• Review attention: secure handling and zeroing of plaintext password in init.ps1, proper exit/error checks after each appwrite push, and correct input validation/flow in both Bash and PowerShell variants.

Possibly related PRs

• Add Meilisearch integration #96 — Adds Meilisearch credential prompts and environment variable setup in initialization scripts; strongly related to the MeiliSearch/Appwrite env-var pushes added here.

Poem

🐇
I hopped along the setup trail,
Collected mail and secret veils,
Stored them safe with careful tap—
A tiny rabbit's handy map.
Congrats! Your app is set to sail.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and accurately describes the main change: adding email (OTP) credentials setup functionality to initialization scripts.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

Tip

📝 Customizable high-level summaries are now available in beta!

You can now customize how CodeRabbit generates the high-level summary in your pull requests — including its content, structure, tone, and formatting.

• Provide your own instructions using the high_level_summary_instructions setting.
• Format the summary however you like (bullet lists, tables, multi-section layouts, contributor stats, etc.).
• Use high_level_summary_in_walkthrough to move the summary from the description to the walkthrough section.

Example instruction:

"Divide the high-level summary into five sections:

1. 📝 Description — Summarize the main change in 50–60 words, explaining what was done.
2. 📓 References — List relevant issues, discussions, documentation, or related PRs.
3. 📦 Dependencies & Requirements — Mention any new/updated dependencies, environment variable changes, or configuration updates.
4. 📊 Contributor Summary — Include a Markdown table showing contributions:
   | Contributor | Lines Added | Lines Removed | Files Changed |
5. ✔️ Additional Notes — Add any extra reviewer context.
   Keep each section concise (under 200 words) and use bullet or numbered lists for clarity."

Note: This feature is currently in beta for Pro-tier users, and pricing will be announced later.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (4)

init.ps1 (2)

183-183: Remove or clarify the commented line.

This commented-out appwrite push functions --with-variables command appears to be leftover from refactoring, as the actual command is executed at Line 202. If this comment serves a specific purpose (e.g., documenting the flow), consider adding context; otherwise, remove it to avoid confusion.

-# appwrite push functions --with-variables

---

186-188: Add input validation for email credentials.

The script accepts email and password without validation. Consider verifying that the email follows a basic format and that the password is not empty.

Apply this diff to add basic validation:

 $senderMail = Read-Host "Please provide sender email address (e.g., your-email@gmail.com)"
+if (-not ($senderMail -match "^[^@]+@[^@]+\.[^@]+$")) {
+    Write-Host "Invalid email format. Please run the script again with a valid email."
+    exit 1
+}
+
 $senderPassword = Read-Host "Please provide sender email app password" -AsSecureString
+if ($senderPassword.Length -eq 0) {
+    Write-Host "Password cannot be empty. Please run the script again."
+    exit 1
+}
 $senderPasswordPlain = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($senderPassword))

init.sh (2)

130-130: Remove or clarify the misplaced comment.

The comment ## appwrite push functions --with-variables appears to be leftover from refactoring, as the actual command is executed at Line 190. If this comment serves as a section marker, consider rephrasing it to clarify its purpose; otherwise, remove it.

-## appwrite push functions --with-variables

---

133-134: Add input validation for email credentials.

The script accepts email and password without validation. Empty inputs or invalid email formats could cause runtime issues in the OTP functionality.

Apply this diff to add basic validation:

 read -p "Please provide sender email address (e.g., your-email@gmail.com): " senderMail
+if [[ ! "$senderMail" =~ ^[^@]+@[^@]+\.[^@]+$ ]]; then
+    echo "Invalid email format. Please run the script again with a valid email."
+    exit 1
+fi
+
 read -sp "Please provide sender email app password: " senderPassword
 echo ""
+if [[ -z "$senderPassword" ]]; then
+    echo "Password cannot be empty. Please run the script again."
+    exit 1
+fi

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 795f29b and 63b58ce.

📒 Files selected for processing (2)

• init.ps1 (1 hunks)
• init.sh (1 hunks)

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Verify that environment variables are created successfully.

The script doesn't check whether the appwrite project create-variable commands succeed. This is consistent with other variable creation calls in the script, but failed credential pushes could break OTP functionality.

Run the following script to verify the pattern used elsewhere in init.sh:

---

🏁 Script executed:

#!/bin/bash
# Description: Check error handling patterns for appwrite commands in init.sh

# Search for appwrite commands and check if any have error handling
rg -n -C3 'appwrite project create-variable.*\|\||\&\& \[|if \[' init.sh

Length of output: 2361

---

I need to examine the actual code context around lines 139-140 and search for all appwrite project create-variable calls to verify the pattern.

Now let me examine the actual init.sh file to see the code context:

---

🏁 Script executed:

#!/bin/bash
# Get the content around lines 139-140 and show all appwrite project create-variable calls

# Show lines around 139-140
echo "=== Lines around 139-140 in init.sh ==="
sed -n '130,150p' init.sh

echo -e "\n=== All appwrite project create-variable calls in init.sh ==="
rg -n 'appwrite project create-variable' init.sh -A1 -B1

Length of output: 201

---

I need to locate init.sh in the repository first:

---

🏁 Script executed:

#!/bin/bash
# Find init.sh location in repository
fd 'init\.sh' --type f

# Once found, get content around lines 139-140 and all appwrite project create-variable calls
echo -e "\n=== Searching for init.sh and extracting content ==="
init_file=$(fd 'init\.sh' --type f | head -1)
if [ -n "$init_file" ]; then
  echo "Found init.sh at: $init_file"
  echo -e "\n=== Lines around 139-140 ==="
  sed -n '130,150p' "$init_file"
  echo -e "\n=== All appwrite project create-variable calls ==="
  rg -n 'appwrite project create-variable' "$init_file" -A1 -B1
else
  echo "init.sh not found"
fi

Length of output: 2676

---

Add error handling to email credential setup commands at lines 139-140.

Your observation is verified and accurate. None of the 10 appwrite project create-variable calls in init.sh have error handling, making lines 139-140 consistent with the pattern elsewhere in the file. However, this is problematic for OTP functionality since SENDER_MAIL and SENDER_PASSWORD are critical credentials. The script checks appwrite login exit code (line 43) but not these credential pushes, creating an inconsistency. If either command fails silently, OTP verification will break without user awareness.

Add checks after both commands:

appwrite project create-variable --key SENDER_MAIL --value "$senderMail" || { echo "Failed to set SENDER_MAIL"; exit 1; }
appwrite project create-variable --key SENDER_PASSWORD --value "$senderPassword" || { echo "Failed to set SENDER_PASSWORD"; exit 1; }

Consider applying the same pattern to other critical variable creation calls (lines 71, 75, 127-128, 186-189) for consistency and robustness.

🤖 Prompt for AI Agents

In init.sh around lines 139-140, the appwrite project create-variable calls for
SENDER_MAIL and SENDER_PASSWORD lack error handling; add checks immediately
after each command so the script prints a clear failure message and exits
non-zero if the create-variable command fails (i.e., run the create-variable,
then test its exit status and echo "Failed to set SENDER_MAIL" / "Failed to set
SENDER_PASSWORD" and exit 1 on failure). Also apply the same exit-on-failure
pattern to other critical variable creation calls noted (lines 71, 75, 127-128,
186-189) to ensure the script halts and reports which credential failed to
create.

[M4dhav]

As suggested by CodeRabbit, please add checks to ensure that the senderMail and senderPassword inputs were entered before moving forward. stay in a read loop until they are entered.

[VasuS609]

Hey @M4dhav, sorry for the delay, I was busy with exams.
Thanks for the feedback! I’ll add input validation loops to ensure both senderMail and senderPassword are non-empty before proceeding. Will push the fixes shortly.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

init.ps1 (2)

230-232: Consider adding feedback message for empty email input.

The validation loop works correctly and addresses the previous review feedback. However, unlike the password validation loop (line 247), there's no feedback message when the user enters an empty email. For consistency:

 do {
     $senderMail = Read-Host "Please provide sender email address (e.g., your-email@gmail.com)"
+    if ([string]::IsNullOrWhiteSpace($senderMail)) {
+        Write-Host "Email address cannot be empty. Please try again."
+    }
 } while ([string]::IsNullOrWhiteSpace($senderMail))

---

251-275: Proper try/finally pattern for sensitive data cleanup.

The BSTR is correctly cleaned up in the finally block. The error handling for both SENDER_MAIL and SENDER_PASSWORD variable creation is consistent with the rest of the script.

One optional improvement: clear $senderPasswordPlain after use to reduce the window where the plain-text password exists in memory, though this is a minor concern for a local initialization script.

     Write-Host "Email credentials configured successfully!"
 } finally {
     # Clean up sensitive memory
     [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
+    $senderPasswordPlain = $null
 }

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 63b58ce and 6e3c6bb.

📒 Files selected for processing (2)

• init.ps1 (3 hunks)
• init.sh (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• init.sh

🔇 Additional comments (4)

init.ps1 (4)

78-88: Good addition of error handling for environment variable creation.

This addresses the previously raised concern about missing error checks. The pattern using $LASTEXITCODE with Write-Error and exit 1 is appropriate for PowerShell and ensures the script fails fast if critical configuration steps fail.

---

146-155: Consistent error handling across all service configurations.

The same error-checking pattern is correctly applied to MeiliSearch and Livekit environment variable creation. This ensures setup fails explicitly rather than silently continuing with missing configuration.

Also applies to: 203-224

---

235-249: Well-implemented secure password input with proper memory cleanup.

Good use of SecureString with -AsSecureString, and the BSTR memory is correctly zeroed in the finally block. The validation loop with user feedback addresses the previous review comment about non-empty input validation.

---

277-279: LGTM!

The final push and congratulatory message provide good closure to the setup process.