(Added) Add Qodana Code Quality Check Workflow (#25)

* Update Qodana inspection profile and exclude paths

The profile in the qodana.yaml file has been updated to "qodana.recommended" from "qodana.starter". The inspection list has also been expanded to include various PHP inspections for better code quality. Additionally, all paths starting with 'vendor' have been excluded to avoid unnecessary inspections on third-party libraries.

* Add Qodana code quality workflow

A new GitHub Actions workflow for Qodana, a static code analysis tool, has been added. The configuration is set to run on every push to the main branch and on workflow dispatch. It includes steps for setting up PHP, caching composer dependencies, and running the Qodana scan.

* Update error handling in login functionality

Enhanced the error handling mechanism in login functionality to improve user experience. The update includes better messages and redirect behavior for failed login attempts. Now, the app should handle login errors more efficiently, creating a smoother flow for users.

.github/workflows/qodana_code_quality.yml

@@ -0,0 +1,53 @@
+name: Qodana
+on:
+  workflow_dispatch:
+  push:
+    branches: [main]
+
+jobs:
+  qodana:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        id: checkout
+        with:
+          fetch-depth: 0
+
+      - name: Setup PHP
+        id: setup-php
+        if: steps.checkout.outcome == 'success'
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: "8.1"
+          extensions: ast, mbstring, pdo, pdo_mysql, xml, zip
+          coverage: xdebug
+
+      - name: Cache Composer Dependencies
+        id: composer-cache
+        if: steps.setup-php.outcome == 'success'
+        uses: actions/cache@v2
+        with:
+          path: vendor
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+          restore-keys: ${{ runner.os }}-composer-
+
+      - name: Install dependencies
+        id: composer-install
+        if: steps.setup-php.outcome == 'success'
+        run: composer install --prefer-dist --no-progress
+
+      - name: "Qodana Scan"
+        id: qodana
+        if: steps.composer-cache.outcome == 'success'
+        uses: JetBrains/qodana-action@v2023.3
+        env:
+          QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
+        with:
+          pr-mode: false
+          #args: --apply-fixes,--baseline,qodana.sarif.json
+          args: --apply-fixes
+          push-fixes: pull-request
+          use-caches: true
+          post-pr-comment: true
+          upload-result: false
+          github-token: ${{ github.token }}

qodana.yaml

@@ -1,7 +1,7 @@
 version: "1.0"
 linter: jetbrains/qodana-php:latest
 profile:
-  name: qodana.starter
+  name: qodana.recommended
 exclude:
   - name: All
     paths:
@@ -12,10 +12,28 @@ exclude:
 include:
   - name: PhpVulnerablePathsInspection
   - name: VulnerableLibrariesGlobal
-  - name: CheckDependencyLicenses
   - name: PhpCoverageInspection
+  - name: PhpInconsistentReturnPointsInspection
+  - name: PhpRedundantOptionalArgumentInspection
+  - name: PhpTernaryExpressionCanBeReplacedWithConditionInspection
+  - name: PhpFullyQualifiedNameUsageInspection
+  - name: PhpUnnecessaryFullyQualifiedNameInspection
+  - name: DuplicatedCode
+  - name: PhpReturnDocTypeMismatchInspection
+  - name: PhpMissingParamTypeInspection
+  - name: PhpMissingFieldTypeInspection
+  - name: PhpMissingReturnTypeInspection
+  - name: PhpDynamicFieldDeclarationInspection
+  - name: PhpUnusedAliasInspection
+  - name: PhpUnusedLocalVariableInspection
 plugins:
   - id: com.kalessil.phpStorm.phpInspectionsEA
-  - id: net.rentalhost.plugins.php.hammer
 php:
   version: "8.2"
+exclude:
+  - name: All
+    paths:
+      - vendor
+      - vendor/
+      - vendor/*
+      - vendor/**