hzhang
d1d2ae2fb1
Replaces the dev-bypass-only AuthProvider with a real backend-mediated
OIDC client. Backend ships the OIDC plumbing in
Dialectic.Backend@2463129; this SPA drives it.
Auth flow:
1. On mount: GET /api/auth/oidc/status (is OIDC configured?) + GET
/api/auth/me (who am I — reads the dialectic_session HttpOnly
cookie if present).
2. Anon + click 'login' → window.location = /api/auth/oidc/start
(backend redirects to IdP authorize URL with PKCE + state).
3. IdP returns to backend /api/auth/oidc/callback → backend redirects
here to /oidc/callback#oidc_ticket=<base64url>.
4. OidcCallbackPage POSTs the ticket to /api/auth/oidc/exchange →
backend Set-Cookie's the session JWT → refresh() AuthProvider →
navigate to /.
5. Header shows user.name + 'logout' button. Logout → POST
/api/auth/logout (cookie cleared by backend) → user state cleared.
UI changes:
- Header gets a Login button (acid primary style) when anon + OIDC
enabled; logged-in pill (name + logout) when authenticated.
- 'oidc not configured' message when backend reports
/api/auth/oidc/status enabled=false (operator needs to run
dialectic-cli config oidc first).
- Removed /agents/:id route + AgentActivity page + nav link entirely
(per user request; admin endpoint stays on backend for curl).
- Removed Link to /agents/* from TopicDetail + Verdict pages.
api.ts:
- Adds credentials:'same-origin' on every fetch so the session cookie
rides along.
- Drops the admin: opt + x-dialectic-admin-key header path (no more
AgentActivity consumer).
- Keeps dev-bypass header support gated on VITE_OIDC_DEV_BYPASS for
dev convenience — backend's OIDC_ONLY=true env disables it server-
side anyway.
types.ts: AgentSummary type removed.
Build delta: 178KB → 179KB / gzip 57.12 → 57.70 (oidc-client overhead
is just the AuthProvider polling code; no oidc-client-ts lib needed
since the backend drives the redirect flow).
71 lines
1.6 KiB
TypeScript
71 lines
1.6 KiB
TypeScript
// Mirrors the Dialectic.Backend models — kept in sync by hand. If a
|
|
// field is added on the backend (models/topic.go / store responses),
|
|
// also add it here so the UI can use it.
|
|
|
|
export type TopicStatus =
|
|
| 'created'
|
|
| 'signup_open'
|
|
| 'signup_closed'
|
|
| 'debating'
|
|
| 'completed'
|
|
| 'cancelled';
|
|
|
|
export type Visibility = 'public' | 'private';
|
|
|
|
export type Camp = 'pro' | 'con' | 'judge';
|
|
|
|
export interface Topic {
|
|
id: string;
|
|
title: string;
|
|
summary: string;
|
|
visibility: Visibility;
|
|
verdict_schema_id: string;
|
|
status: TopicStatus;
|
|
signup_open_at: string;
|
|
signup_close_at: string;
|
|
debate_start_at: string;
|
|
debate_end_at: string;
|
|
creator_user_id: string;
|
|
visibility_changed_by?: string | null;
|
|
visibility_changed_at?: string | null;
|
|
cancelled_reason?: string | null;
|
|
created_at: string;
|
|
updated_at: string;
|
|
}
|
|
|
|
export interface CampAllocation {
|
|
id: string;
|
|
topic_id: string;
|
|
camp: Camp;
|
|
agent_id: string;
|
|
allocated_at: string;
|
|
}
|
|
|
|
// GET /api/topics/{id} returns the full Topic spread + `camps` sibling.
|
|
export interface TopicDetail extends Topic {
|
|
camps: CampAllocation[] | null;
|
|
}
|
|
|
|
export interface Argument {
|
|
id: string;
|
|
topic_id: string;
|
|
round_id: string;
|
|
camp: Camp;
|
|
agent_id: string;
|
|
content: string;
|
|
posted_at: string;
|
|
}
|
|
|
|
export interface Verdict {
|
|
id: string;
|
|
topic_id: string;
|
|
judge_agent_id: string;
|
|
// verdict shape depends on the topic's verdict_schema_id; UI shows raw JSON.
|
|
verdict: Record<string, unknown>;
|
|
rationale: string;
|
|
tokens_input: number;
|
|
tokens_output: number;
|
|
produced_at: string;
|
|
}
|
|
|