Inspiration

Agentic apps are powerful, but trust is broken. Uncontrolled tools leak data; bad actors misuse tokens. Auth0's identity layer + token wallet fixes that. I wanted a real-world demo: a secure AI that reads code, fixes bugs, and commits safely.

What it does

Auth AI Agent logs you in with Auth0 (via Gmail), grabs a secure token, reads your GitHub repo code, and lets you describe a bug. Then Gemini AI analyzes it, suggests the fix, and auto-creates a pull request (PR) for you.

How we built it

- Auth0 Login: Used Auth0 SDK for Gmail login. Token generated on success.
- GitHub Access: Passed token to GitHub API: read repo files securely.
- AI Brain: Gemini API takes user input (owner/repo/file/bug description), analyzes code, suggests fix.
- PR Creation: GitHub API auto-commits change + creates pull request.
- UI: Simple one-page: login button, 4 text fields, "Fix Bug" button, logout.
- Security: All via Auth0 tokens; no hard-coded keys, no leaks.

Challenges we ran into

- Node.js backend: Library imports broke on deploy; fixed with proper package.json and "require" order.
- Network instability: Server dropped during Gemini calls; added retry logic + timeout handling.
- CORS errors: Cross-origin blocks from Auth0/GitHub; solved by setting "cors" middleware (require('cors')) on Express server.
- Token refresh: Auth0 token expired mid-session; added auto-refresh on 401 error.

Accomplishments that we're proud of

- First time using Auth0 + Gemini together; token login worked perfectly on first try.
- Built secure PR creation: zero leaks, zero manual commits.
- Fixed CORS + network drops: server now 99% stable, even on slow Wi-Fi.
- One-page UI: clean, fast, feels like a real pro tool.

What we learned

- Auth0 isn't just login; it's a full trust layer. Token handling is everything for agent safety.
- Node.js + CORS: one wrong header kills everything. Always test cross-origin early.
- Network flakes happen; retry + exponential backoff saved my backend.
- Gemini shines when you give clear prompts. Bad input = bad fix.
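
The retry, timeout and refresh-on-401 handling mentioned under "Challenges we ran into" and "What we learned" can be combined in one request wrapper. The sketch below is an added example, not the project's own code: callWithAuth, getToken and refreshToken are hypothetical names, and the two token callbacks stand in for whatever the auth SDK provides.

```javascript
// Added example. callWithAuth, getToken and refreshToken are hypothetical names;
// the two token callbacks are supplied by the caller (assumption).
const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

async function callWithAuth(url, init, deps, opts = {}) {
  const { fetchImpl = fetch, getToken, refreshToken } = deps;
  const { maxRetries = 3, baseDelayMs = 250, timeoutMs = 10000 } = opts;
  let token = await getToken();
  let refreshed = false;
  let attempt = 0;

  while (true) {
    const ctrl = new AbortController();
    const timer = setTimeout(() => ctrl.abort(), timeoutMs);
    let res = null;
    let lastErr = null;
    try {
      res = await fetchImpl(url, {
        ...init,
        headers: { ...(init?.headers || {}), Authorization: `Bearer ${token}` },
        signal: ctrl.signal,
      });
    } catch (err) {
      lastErr = err; // network drop or timeout abort: treated as transient
    } finally {
      clearTimeout(timer);
    }

    // Expired token: refresh exactly once and replay. A second 401 goes back
    // to the caller, so a revoked or under-scoped token cannot cause a loop.
    if (res && res.status === 401 && !refreshed) {
      refreshed = true;
      token = await refreshToken();
      continue;
    }

    // Only network errors and 5xx are retried; other 4xx are returned as-is.
    const transient = !res || res.status >= 500;
    if (!transient || attempt >= maxRetries) {
      if (res) return res;
      throw lastErr;
    }
    // Exponential backoff with jitter: about 250 ms, 500 ms, 1 s by default.
    await sleep(baseDelayMs * 2 ** attempt + Math.random() * baseDelayMs);
    attempt += 1;
  }
}
```

Retries replay the same request, so wrap only calls that are safe to repeat, and keep the token value out of any error logging around this function.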

What's next for AuthAiAgent

- Add multi-agent support: one agent fixes code, another tests it, third deploys.
- Mobile app version: Android/iOS; login once, fix bugs on phone.
- Real-time collab: share PR draft with team before commit.
- Open-source core: let devs fork + build their own agents.
