Scaffold NewApproach: Full-stack Bun+Hono+TypeScript+TailwindCSS project
- Create modular project structure with src/backend, src/frontend, public - Hono server with routing, static file serving, and API endpoints - TailwindCSS styling pipeline with Tailwind CLI - Vanilla JS frontend (extensible for frameworks) - Complete TypeScript configuration and type checking - Auth module as self-contained submodule - Ready for development: bun run dev (port 3000) - All dependencies installed and tested Also: - Lock main branch with read-only settings in VS Code - Create .github/copilot-instructions.md with Monica persona - Initialize session logging system Status: Project ready for feature development
This commit is contained in:
@@ -0,0 +1,87 @@
|
||||
# Auth Module
|
||||
|
||||
Universal, pattern-based authentication token management for multi-auth scenarios.
|
||||
|
||||
## Overview
|
||||
|
||||
The Auth module provides a standardized interface for managing authentication tokens across different providers (PocketBase, Microsoft Graph) and auth flows (delegated, app-only).
|
||||
|
||||
## Key Features
|
||||
|
||||
- **Pattern-based configuration**: Enable only the auth flows you need (`pb`, `graph`, `pb+graph`)
|
||||
- **Unified token storage**: All tokens stored in localStorage under consistent keys
|
||||
- **Type-safe**: Full TypeScript support with explicit token types
|
||||
- **Modular**: Works standalone; extend or integrate with larger auth systems
|
||||
- **No dependencies**: Uses browser APIs only (localStorage, optional PocketBase SDK)
|
||||
|
||||
## Quick Start
|
||||
|
||||
### Basic Usage
|
||||
|
||||
```typescript
|
||||
import Auth from './auth.ts';
|
||||
|
||||
// Initialize with pattern and optional config
|
||||
await Auth.configure('pb+graph', {
|
||||
pbUrl: 'http://localhost:8090',
|
||||
graphApiUrl: 'https://graph.microsoft.com/v1.0'
|
||||
});
|
||||
|
||||
// Get a token
|
||||
const pbUserToken = Auth.getToken('pb-user');
|
||||
const graphToken = Auth.getToken('graph-user');
|
||||
|
||||
// Set a token
|
||||
Auth.setToken('graph-user', 'access_token_here');
|
||||
|
||||
// Clear specific token
|
||||
Auth.clearToken('pb-user');
|
||||
|
||||
// Clear all tokens
|
||||
Auth.clearAllTokens();
|
||||
```
|
||||
|
||||
## Token Types
|
||||
|
||||
- `pb-user`: PocketBase user authentication token
|
||||
- `pb-agent`: PocketBase service account token
|
||||
- `graph-user`: Microsoft Graph delegated token (on behalf of user)
|
||||
- `graph-agent`: Microsoft Graph app-only token (service principal)
|
||||
|
||||
## Configuration
|
||||
|
||||
```typescript
|
||||
interface AuthConfig {
|
||||
pbUrl?: string; // PocketBase URL (default: http://127.0.0.1:8090)
|
||||
graphApiUrl?: string; // Graph API URL (not required for token storage)
|
||||
}
|
||||
```
|
||||
|
||||
## Security Considerations
|
||||
|
||||
- Tokens are stored in plaintext in `localStorage`
|
||||
- Never store highly sensitive credentials in browser localStorage
|
||||
- For production: consider using secure HTTP-only cookies via backend
|
||||
- Implement token refresh logic before expiration
|
||||
- Clear tokens on logout
|
||||
|
||||
## File Structure
|
||||
|
||||
```
|
||||
auth/
|
||||
├── auth.ts # Main module (TypeScript)
|
||||
├── auth-test.html # Test/demo HTML
|
||||
└── README.md # This file
|
||||
```
|
||||
|
||||
## Testing
|
||||
|
||||
Open `auth-test.html` in a browser to test the module functionality.
|
||||
|
||||
## Future Enhancements
|
||||
|
||||
- Token refresh logic
|
||||
- Expiration tracking
|
||||
- Secure storage option (HTTP-only cookies via backend)
|
||||
- Multiple identity provider support
|
||||
- Event emitters for token changes
|
||||
Reference in New Issue
Block a user