kennethnym/aris
1
0
Fork 0
mirror of https://github.com/kennethnym/aris.git synced 2026-03-27 12:21:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: kennethnym:feat/admin-dashboard
Branches Tags
kennethnym:master kennethnym:fix/tailscale-post-start kennethnym:fix/service-port-protocol kennethnym:feat/tailscale-auto-login kennethnym:fix/admin-dashboard-host kennethnym:kn/add-service-definitions kennethnym:fix/dashboard-session-redirect kennethnym:fix/backend-cors-csrf kennethnym:feat/admin-dashboard kennethnym:fix/llm-client-disable-reasoning kennethnym:feat/get-source-config kennethnym:fix/reject-unknown-config-fields kennethnym:feat/put-source-config kennethnym:feat/patch-user-source-config kennethnym:kn/query-enabled-sources-before-providers kennethnym:kn/feat/per-user-source-refresh kennethnym:feat/admin-api kennethnym:kn/feat/runtime-provider-hotswap kennethnym:feat/drizzle-studio-service kennethnym:feat/admin-plugin kennethnym:feat/db-persistence-layer kennethnym:fix/remove-dev-auth-bypass kennethnym:kn/feat/async-feed-source-provider kennethnym:feat/client-api-wiring kennethnym:feat/feed-renderer-api kennethnym:feat/tfl-renderer kennethnym:feat/caldav-feed-item-renderer kennethnym:feat/feed-item-source-id kennethnym:ci/waitlist-website-docker-build kennethnym:feat/button-icon-subcomponent kennethnym:feat/feed-item-renderer-type kennethnym:feat/aelis-components-jrx kennethnym:kn/feat/json-render-catalog-registry kennethnym:feat/component-library kennethnym:feat/context-endpoint kennethnym:refactor/rename-feed-to-engine kennethnym:feat/rendered-feed-item kennethnym:feat/dev-auth-bypass kennethnym:feat/caldav-slots-v2 kennethnym:feat/rename-aris-to-aelis kennethnym:fix/waitlist-email-rate-limit kennethnym:feat/waitlist-website kennethnym:feat/feed-enhancement kennethnym:feat/caldav-slots kennethnym:fix/caldav-recurrence kennethnym:feat/weatherkit-slots kennethnym:feat/feed-item-slots kennethnym:feat/time-of-day-enhancer kennethnym:feat/tuple-context-keys kennethnym:fix/feed-item-type-casing kennethnym:fix/weatherkit-type-exports kennethnym:fix/google-calendar-type-exports kennethnym:feat/tfl-feed-item-type kennethnym:feat/caldav-feed-item-type kennethnym:feat/feed-enhancement-boost kennethnym:feat/gpg-commit-signing-skill kennethnym:feat/post-processor-context-param kennethnym:feat/caldav-source kennethnym:feat/feed-post-processor kennethnym:fix/remove-apple-calendar-source kennethnym:feat/feed-item-signals kennethnym:docs/update-ui-rendering-model kennethnym:feat/agent-vision-docs kennethnym:feat/feed-endpoint kennethnym:feat/feed-engine-cache kennethnym:refactor/remove-trpc kennethnym:feat/source-serif-4-font kennethnym:dev/ios-simulator-build kennethnym:feat/react-native-svg kennethnym:feat/replace-tamagui-with-twrnc kennethnym:feat/aris-client-scaffold kennethnym:feat/consolidate-backend-services kennethnym:feat/feed-source-actions kennethnym:refactor/required-fetch-context kennethnym:feat/google-calendar-source kennethnym:feat/apple-calendar-source kennethnym:feat/weather-service kennethnym:feat/tfl-service kennethnym:ci/devcontainer-bun-install kennethnym:feat/feed-engine-service kennethnym:feat/location-router kennethnym:feat/trpc kennethnym:feat/location-service kennethnym:feat/auth kennethnym:feat/aris-backend kennethnym:feat/source-tfl kennethnym:feat/feed-engine kennethnym:feat/source-weatherkit kennethnym:fix/core-package-json-paths kennethnym:feat/feed-source-interface kennethnym:docs/gpg-signing-instruction kennethnym:feat/feed-controller-orchestration kennethnym:fix/oxfmt-ignore-patterns kennethnym:chore/add-claude-skills kennethnym:feat/data-source-tfl kennethnym:dev/agents-md kennethnym:feat/data-source-weatherkit kennethnym:ci/init
..
compare: kennethnym:fix/dashboard-session-redirect
Branches Tags
kennethnym:master kennethnym:fix/tailscale-post-start kennethnym:fix/service-port-protocol kennethnym:feat/tailscale-auto-login kennethnym:fix/admin-dashboard-host kennethnym:kn/add-service-definitions kennethnym:fix/dashboard-session-redirect kennethnym:fix/backend-cors-csrf kennethnym:feat/admin-dashboard kennethnym:fix/llm-client-disable-reasoning kennethnym:feat/get-source-config kennethnym:fix/reject-unknown-config-fields kennethnym:feat/put-source-config kennethnym:feat/patch-user-source-config kennethnym:kn/query-enabled-sources-before-providers kennethnym:kn/feat/per-user-source-refresh kennethnym:feat/admin-api kennethnym:kn/feat/runtime-provider-hotswap kennethnym:feat/drizzle-studio-service kennethnym:feat/admin-plugin kennethnym:feat/db-persistence-layer kennethnym:fix/remove-dev-auth-bypass kennethnym:kn/feat/async-feed-source-provider kennethnym:feat/client-api-wiring kennethnym:feat/feed-renderer-api kennethnym:feat/tfl-renderer kennethnym:feat/caldav-feed-item-renderer kennethnym:feat/feed-item-source-id kennethnym:ci/waitlist-website-docker-build kennethnym:feat/button-icon-subcomponent kennethnym:feat/feed-item-renderer-type kennethnym:feat/aelis-components-jrx kennethnym:kn/feat/json-render-catalog-registry kennethnym:feat/component-library kennethnym:feat/context-endpoint kennethnym:refactor/rename-feed-to-engine kennethnym:feat/rendered-feed-item kennethnym:feat/dev-auth-bypass kennethnym:feat/caldav-slots-v2 kennethnym:feat/rename-aris-to-aelis kennethnym:fix/waitlist-email-rate-limit kennethnym:feat/waitlist-website kennethnym:feat/feed-enhancement kennethnym:feat/caldav-slots kennethnym:fix/caldav-recurrence kennethnym:feat/weatherkit-slots kennethnym:feat/feed-item-slots kennethnym:feat/time-of-day-enhancer kennethnym:feat/tuple-context-keys kennethnym:fix/feed-item-type-casing kennethnym:fix/weatherkit-type-exports kennethnym:fix/google-calendar-type-exports kennethnym:feat/tfl-feed-item-type kennethnym:feat/caldav-feed-item-type kennethnym:feat/feed-enhancement-boost kennethnym:feat/gpg-commit-signing-skill kennethnym:feat/post-processor-context-param kennethnym:feat/caldav-source kennethnym:feat/feed-post-processor kennethnym:fix/remove-apple-calendar-source kennethnym:feat/feed-item-signals kennethnym:docs/update-ui-rendering-model kennethnym:feat/agent-vision-docs kennethnym:feat/feed-endpoint kennethnym:feat/feed-engine-cache kennethnym:refactor/remove-trpc kennethnym:feat/source-serif-4-font kennethnym:dev/ios-simulator-build kennethnym:feat/react-native-svg kennethnym:feat/replace-tamagui-with-twrnc kennethnym:feat/aris-client-scaffold kennethnym:feat/consolidate-backend-services kennethnym:feat/feed-source-actions kennethnym:refactor/required-fetch-context kennethnym:feat/google-calendar-source kennethnym:feat/apple-calendar-source kennethnym:feat/weather-service kennethnym:feat/tfl-service kennethnym:ci/devcontainer-bun-install kennethnym:feat/feed-engine-service kennethnym:feat/location-router kennethnym:feat/trpc kennethnym:feat/location-service kennethnym:feat/auth kennethnym:feat/aris-backend kennethnym:feat/source-tfl kennethnym:feat/feed-engine kennethnym:feat/source-weatherkit kennethnym:fix/core-package-json-paths kennethnym:feat/feed-source-interface kennethnym:docs/gpg-signing-instruction kennethnym:feat/feed-controller-orchestration kennethnym:fix/oxfmt-ignore-patterns kennethnym:chore/add-claude-skills kennethnym:feat/data-source-tfl kennethnym:dev/agents-md kennethnym:feat/data-source-weatherkit kennethnym:ci/init

3 Commits
feat/admin ... fix/dashbo

Author SHA1 Message Date
kenneth
3a4e393e7a fix(admin-dashboard): redirect to login on session fetch failure 
Wrap the session check in beforeLoad with a try/catch so
network errors, 404s, and other failures redirect to the
login page instead of showing an error boundary.

Co-authored-by: Ona <no-reply@ona.com>
 2026-03-24 21:10:31 +00:00
Kenneth
9b0ac1cd4e feat: add admin dashboard app (#91) 
* feat: add admin dashboard app

- React + Vite + TanStack Router + TanStack Query
- Auth with better-auth (login, session, admin guard)
- Source config management (WeatherKit credentials, user config)
- Feed query panel
- Location push card
- General settings with health check
- CORS middleware for cross-origin auth
- Disable CSRF check in dev mode
- Sonner toasts for mutation feedback

Co-authored-by: Ona <no-reply@ona.com>

* fix: use useQuery instead of getQueryData

Co-authored-by: Ona <no-reply@ona.com>

* refactor: remove backend changes from dashboard PR

Backend CORS/CSRF changes moved to #92.
Source registry removed (sources hardcoded in frontend).

Co-authored-by: Ona <no-reply@ona.com>

---------

Co-authored-by: Ona <no-reply@ona.com>
 2026-03-23 00:31:34 +00:00
Kenneth
35c6371d48 fix(backend): add CORS and disable CSRF in dev (#92) 
* fix(backend): add CORS middleware and disable CSRF in dev

- Add CORS middleware for /api/auth/* and global routes
- Disable better-auth CSRF origin check when NODE_ENV != production

Co-authored-by: Ona <no-reply@ona.com>

* fix: gate permissive CORS to dev only

In production, only origins listed in CORS_ORIGINS env
var are allowed. In dev, any origin is reflected back.

Co-authored-by: Ona <no-reply@ona.com>

---------

Co-authored-by: Ona <no-reply@ona.com>
 2026-03-23 00:31:23 +00:00
3 changed files with 41 additions and 4 deletions
Expand all files Collapse all files

13
apps/admin-dashboard/src/routes/_dashboard.tsx
View File

@@ -47,10 +47,15 @@ export const Route = createRoute({
getParentRoute: () => rootRoute,
id: "dashboard",
beforeLoad: async ({ context }) => {
const session = await context.queryClient.ensureQueryData({
queryKey: ["session"],
queryFn: getSession,
})
let session: Awaited<ReturnType<typeof getSession>> | null = null
try {
session = await context.queryClient.ensureQueryData({
queryKey: ["session"],
queryFn: getSession,
})
} catch {
throw redirect({ to: "/login" })
}
if (!session?.user) {
throw redirect({ to: "/login" })
}

3
apps/aelis-backend/src/auth/index.ts
View File

@@ -16,6 +16,9 @@ export function createAuth(db: Database) {
provider: "pg",
schema,
}),
advanced: {
disableCSRFCheck: process.env.NODE_ENV !== "production",
},
emailAndPassword: {
enabled: true,
},

29
apps/aelis-backend/src/server.ts
View File

@@ -1,4 +1,5 @@
import { Hono } from "hono"
import { cors } from "hono/cors"
import { registerAdminHttpHandlers } from "./admin/http.ts"
import { createRequireAdmin } from "./auth/admin-middleware.ts"
@@ -50,6 +51,34 @@ function main() {
const app = new Hono()
const isDev = process.env.NODE_ENV !== "production"
const allowedOrigins = process.env.CORS_ORIGINS?.split(",").map((o) => o.trim()) ?? []
function resolveOrigin(origin: string): string | undefined {
if (isDev) return origin
return allowedOrigins.includes(origin) ? origin : undefined
}
app.use(
"/api/auth/*",
cors({
origin: resolveOrigin,
allowHeaders: ["Content-Type", "Authorization"],
allowMethods: ["POST", "GET", "OPTIONS"],
exposeHeaders: ["Content-Length"],
maxAge: 600,
credentials: true,
}),
)
app.use(
"*",
cors({
origin: resolveOrigin,
credentials: true,
}),
)
app.get("/health", (c) => c.json({ status: "ok" }))
const authSessionMiddleware = createRequireSession(auth)