Simpl-Resultat

maximus/Simpl-Resultat

Fork 0

Commit graph

Author	SHA1	Message	Date
le king fu	3b1c41c48e	feat: settings banner when OAuth tokens fall back to file store (#81 ) Some checks are pending PR Check / rust (push) Waiting to run Details PR Check / frontend (push) Waiting to run Details PR Check / rust (pull_request) Successful in 22m28s Details PR Check / frontend (pull_request) Successful in 2m19s Details Adds a visible warning in the Settings page when `token_store` has landed in the file fallback instead of the OS keychain. Without this, a user on a keychain-less system would silently lose the security benefit introduced in #78 and never know. - New `get_token_store_mode` service wrapper in authService.ts. - New `TokenStoreFallbackBanner` component: fetches the mode on mount, renders nothing when mode is `keychain` or null, renders an amber warning card when mode is `file`. - Mounted in SettingsPage right after AccountCard so it sits next to the account state the user can fix (log out + log back in once the keychain is available). - i18n keys under `account.tokenStore.fallback.*` in fr/en. Refs #66 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-14 08:18:41 -04:00
le king fu	e314bbe1e3	fix: remove handle_auth_callback from invoke_handler All checks were successful PR Check / rust (push) Successful in 17m12s Details PR Check / frontend (push) Successful in 2m12s Details PR Check / rust (pull_request) Successful in 16m56s Details PR Check / frontend (pull_request) Successful in 2m14s Details The auth callback is handled exclusively via the deep-link handler in lib.rs — exposing it as a JS-invocable command is unnecessary attack surface. The frontend listens for auth-callback-success/error events instead. Plaintext token storage documented as known limitation (see #66). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-10 15:35:10 -04:00
le king fu	b53a902f11	feat: Maximus Account OAuth2 PKCE + machine activation + subscription check (#51 , #53 ) All checks were successful PR Check / rust (push) Successful in 16m34s Details PR Check / frontend (push) Successful in 2m14s Details PR Check / rust (pull_request) Successful in 16m31s Details PR Check / frontend (pull_request) Successful in 2m13s Details - Add auth_commands.rs: OAuth2 PKCE flow (start_oauth, handle_auth_callback, refresh_auth_token, get_account_info, check_subscription_status, logout) - Add deep-link handler in lib.rs for simpl-resultat://auth/callback - Add AccountCard.tsx + useAuth hook + authService.ts - Add machine activation commands (activate, deactivate, list, get_activation_status) - Extend LicenseCard with machine management UI - get_edition() now checks account subscription for Premium detection - Daily subscription status check (refresh token if last check > 24h) - Configure CSP for API/auth endpoints - Configure tauri-plugin-deep-link for desktop - Update i18n (FR/EN), changelogs, and architecture docs Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-10 14:18:51 -04:00

Author

SHA1

Message

Date

le king fu

3b1c41c48e

feat: settings banner when OAuth tokens fall back to file store (#81 )

PR Check / rust (push) Waiting to run

Details

PR Check / frontend (push) Waiting to run

Details

PR Check / rust (pull_request) Successful in 22m28s

Details

PR Check / frontend (pull_request) Successful in 2m19s

Details

Adds a visible warning in the Settings page when `token_store` has
landed in the file fallback instead of the OS keychain. Without this,
a user on a keychain-less system would silently lose the security
benefit introduced in #78 and never know.

- New `get_token_store_mode` service wrapper in authService.ts.
- New `TokenStoreFallbackBanner` component: fetches the mode on mount,
  renders nothing when mode is `keychain` or null, renders an
  amber warning card when mode is `file`.
- Mounted in SettingsPage right after AccountCard so it sits next to
  the account state the user can fix (log out + log back in once the
  keychain is available).
- i18n keys under `account.tokenStore.fallback.*` in fr/en.

Refs #66

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-14 08:18:41 -04:00

le king fu

e314bbe1e3

fix: remove handle_auth_callback from invoke_handler

PR Check / rust (push) Successful in 17m12s

Details

PR Check / frontend (push) Successful in 2m12s

Details

PR Check / rust (pull_request) Successful in 16m56s

Details

PR Check / frontend (pull_request) Successful in 2m14s

Details

The auth callback is handled exclusively via the deep-link handler in
lib.rs — exposing it as a JS-invocable command is unnecessary attack
surface. The frontend listens for auth-callback-success/error events
instead.

Plaintext token storage documented as known limitation (see #66).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-10 15:35:10 -04:00

le king fu

b53a902f11

feat: Maximus Account OAuth2 PKCE + machine activation + subscription check (#51 , #53 )

PR Check / rust (push) Successful in 16m34s

Details

PR Check / frontend (push) Successful in 2m14s

Details

PR Check / rust (pull_request) Successful in 16m31s

Details

PR Check / frontend (pull_request) Successful in 2m13s

Details

- Add auth_commands.rs: OAuth2 PKCE flow (start_oauth, handle_auth_callback,
  refresh_auth_token, get_account_info, check_subscription_status, logout)
- Add deep-link handler in lib.rs for simpl-resultat://auth/callback
- Add AccountCard.tsx + useAuth hook + authService.ts
- Add machine activation commands (activate, deactivate, list, get_activation_status)
- Extend LicenseCard with machine management UI
- get_edition() now checks account subscription for Premium detection
- Daily subscription status check (refresh token if last check > 24h)
- Configure CSP for API/auth endpoints
- Configure tauri-plugin-deep-link for desktop
- Update i18n (FR/EN), changelogs, and architecture docs

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-10 14:18:51 -04:00

3 commits