[PERFORMANCE / UX] : GitRank.jsx: sessionStorage token loss on tab duplication or browser restore causes silent GitHub API rate-limit exhaustion

[MayurKharat0390]

Describe the bug

❌ Describe the bug

On the GitRank Rating Engine page (/dashboard/gitrank), the charts and stats panels fetch user event logs and repository analytics from GitHub's REST API. To authorize these requests, the page attempts to retrieve the GitHub OAuth token from sessionStorage:

const token = sessionStorage.getItem(`gh_token_${user?.uid}`);
const headers = token ? { Authorization: `token ${token}` } : {};

### Steps to reproduce


---

### 3. Steps to reproduce
```markdown
### 🛠️ Steps to Reproduce
1. Log into RankerHub with GitHub and navigate to the **GitRank** page (`/dashboard/gitrank`).
2. Duplicate the active browser tab (Right-click tab -> Duplicate).
3. Open the Developer Tools console (`F12`) on the duplicated tab.
4. Refresh the page and observe the network requests to `https://api.github.com/users/{username}/events`.
5. **Observe the Bug:** The request is sent without any `Authorization` header. Navigating between pages a few times immediately triggers a `403 rate limit exceeded` block.

### Expected behavior

The application should robustly handle token loss:
1. **Fallback/Graceful Warning:** If `sessionStorage` is empty but the user is logged in, show a subtle "Authentication Expired" or "Re-sync GitHub Connection" notice on the sync panel.
2. **Re-authentication Prompt:** Provide a button to trigger a quick GitHub OAuth re-auth flow to restore the transient token in the current tab without fully logging the user out.

### Screenshots/Videos

_No response_

### System Information

Windows, Chrome, Node.js v20+, npm v10+

### Before submitting

- [x] I have read the [Contributing Guidelines](https://github.com/indresh404/RankerHub/blob/main/docs/CONTRIBUTING.md)
- [x] I have checked for duplicate issues.
- [x] This is a bug that can be reproduced consistently.

[CodeSparks45]

Hiii i am very intreseted in this issue and would like to contribute to this issue under GSSOc'26 can you please assign this issue to me i will start work immediately on this issue

[AnshuS13]

Hi @MayurKharat0390 ,

I'd like to work on this issue under NSoC'26 if it is available.

After reading through the issue, I understand that the GitRank page currently relies on a GitHub OAuth token stored in sessionStorage, which can be lost when a tab is duplicated or restored. As a result, GitHub API requests are sent without authorization headers, causing users to hit rate limits much sooner than expected.

I would like to investigate the current authentication flow and implement a user-friendly fallback mechanism, such as detecting missing tokens, displaying an appropriate warning, and providing a way to re-establish the GitHub connection without disrupting the user experience.

This looks like an interesting issue involving both UX and authentication handling, and I'd be glad to contribute a fix. Please assign it to me if it's available.

Thank you!

[uNikhil-codes]

Hi @MayurKharat0390, I would love to work on resolving this issue!

Because sessionStorage is scoped to a single tab context, actions like tab duplication or browser session restoration wipe the GitHub token while keeping the user's primary application session intact. This causes requests to silently fall back to unauthenticated limits (60 req/hr vs 5,000 req/hr).

Here is my proposed implementation plan to fix this gracefully in src/pages/GitRank.jsx:

1. Token Loss Detection: Add an isTokenMissing state variable. Check sessionStorage inside a useEffect on mount. If user is logged in but gh_token_${user.uid} is absent, set isTokenMissing to true.
2. Error Interception: Handle potential rate-limiting errors (403 Forbidden) during the API sync process. If an unauthenticated fetch triggers a rate limit error, automatically flag isTokenMissing to update the UX.
3. Visual UX Banner: Introduce a clean, amber-themed alert component at the top of the GitRank page if isTokenMissing is active. This informs the user that their transient GitHub session has expired and warns them about rate limits.
4. Transient Re-Authentication: Provide a "Re-sync GitHub Connection" button on the banner that triggers the app's existing OAuth connect/popup flow, safely restoring the token inside sessionStorage and immediately updating the state without disrupting the user's current route or session.

I have already reviewed the file structure and am ready to implement and test this fix. Could you please assign this issue to me?

Thank you!

/claim

[indresh404]

@AnshuS13 @uNikhil-codes @CodeSparks45 you guys can make your own issue of web i am assigning to the author