
Remove ignored files from repository

- Remove .DS_Store, .env, .env.example from tracking
- Remove OAuth migration files as they're now in .gitignore
- These files will remain local but won't be tracked by Git

-545
.DS_Store

This is a binary file and will not be displayed.

-12
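--- a/.env
+++ b/.env
@@ -1,12 +0,0 @@
-# Supabase configuration
-SUPABASE_URL=your-supabase-url
-SUPABASE_SERVICE_ROLE_KEY=your-service-role-key
-
-# Bluesky Jetstream configuration
-JETSTREAM_URL=wss://jetstream2.us-west.bsky.network/subscribe
-FLUSHING_STATUS_NSID=im.flushing.right.now
-
-# Optional: Bluesky API configuration
-# Only needed if you want to authenticate with the Bluesky API
-# BLUESKY_API_USERNAME=your-bluesky-username
-# BLUESKY_API_PASSWORD=your-bluesky-password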
-12
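--- a/.env.example
+++ b/.env.example
@@ -1,12 +0,0 @@
-# Supabase configuration
-SUPABASE_URL=your-supabase-url
-SUPABASE_SERVICE_ROLE_KEY=your-service-role-key
-
-# Bluesky Jetstream configuration
-JETSTREAM_URL=wss://jetstream2.us-west.bsky.network/subscribe
-FLUSHING_STATUS_NSID=im.flushing.right.now
-
-# Optional: Bluesky API configuration
-# Only needed if you want to authenticate with the Bluesky API
-# BLUESKY_API_USERNAME=your-bluesky-username
-# BLUESKY_API_PASSWORD=your-bluesky-password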
-208
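--- a/OAUTH_MIGRATION_GUIDE.md
+++ b/OAUTH_MIGRATION_GUIDE.md
@@ -1,208 +0,0 @@
-# OAuth Migration Guide: Custom Implementation → @atproto/oauth-client-browser
-
-This guide explains how to migrate from your current custom OAuth implementation to the official `@atproto/oauth-client-browser` package, which provides better reliability, maintenance, and features.
-
-## Overview of Changes
-
-### What's Being Replaced
-
-**Current Implementation:**
-- Custom PKCE flow with manual code generation (`bluesky-auth.ts`)
-- Manual DPoP token generation and nonce handling
-- Complex token refresh logic with multiple retry strategies
-- Custom API proxy routes (`/api/auth/token`, `/api/auth/nonce`)
-- Manual storage management across localStorage/sessionStorage
-- Complex auth context with manual state management
-
-**New Implementation:**
-- Official `@atproto/oauth-client-browser` with automatic session management
-- Automatic token refresh and DPoP handling
-- Built-in IndexedDB storage
-- Direct integration with `@atproto/api`
-- Simplified auth context
-- No need for custom API routes
-
-## Migration Steps
-
-### 1. Update App Layout to Use New Auth Context
-
-Replace the old auth context with the new one in your main layout:
-
-```tsx
-// Before: app/src/app/layout.tsx
-import { AuthProvider } from '@/lib/auth-context'
-
-// After:
-import { AuthProvider } from '@/lib/auth-context-new'
-```
-
-### 2. Replace Login Page
-
-```tsx
-// Replace: app/src/app/auth/login/page.tsx
-// With: app/src/app/auth/login/page-new.tsx
-
-// Then rename page-new.tsx to page.tsx
-```
-
-### 3. Replace Callback Page
-
-```tsx
-// Replace: app/src/app/auth/callback/page.tsx
-// With: app/src/app/auth/callback/page-new.tsx
-
-// Then rename page-new.tsx to page.tsx
-```
-
-### 4. Update API Calls
-
-Replace your existing API calls with the new simplified client:
-
-```tsx
-// Before:
-import { getProfile, makeAuthenticatedRequest } from '@/lib/bluesky-api'
-import { useAuth } from '@/lib/auth-context'
-
-const { accessToken, keyPair, dpopNonce, pdsEndpoint } = useAuth()
-const profile = await getProfile(accessToken, keyPair, dpopNonce, handle, pdsEndpoint)
-
-// After:
-import { getProfile } from '@/lib/api-client'
-import { useAuth } from '@/lib/auth-context-new'
-
-const { session } = useAuth()
-if (session) {
-const profile = await getProfile(session)
-}
-```
-
-### 5. Update Components Using Auth
-
-Update any components that use the auth context:
-
-```tsx
-// Before:
-const { isAuthenticated, accessToken, did, handle } = useAuth()
-
-// After:
-const { isAuthenticated, session } = useAuth()
-const did = session?.sub
-const handle = session?.info?.handle
-// Note: accessToken is available as session?.accessToken if needed for legacy code
-```
-
-### 6. Remove Old Files
-
-After migration is complete and tested, you can remove these files:
-
-- `app/src/lib/bluesky-auth.ts` - Custom OAuth implementation
-- `app/src/lib/auth-context.tsx` - Old auth context (rename from auth-context-new.tsx)
-- `app/src/lib/storage-util.ts` - Custom storage utilities
-- `app/src/app/api/auth/token/route.ts` - Custom token exchange API
-- `app/src/app/api/auth/nonce/route.ts` - Custom nonce retrieval API
-- Old login and callback pages after replacement
-
-### 7. Update Existing API Usage
-
-Replace complex API calls with simplified versions:
-
-```tsx
-// Before: Making a post
-import { createPost } from '@/lib/bluesky-api'
-await createPost(accessToken, keyPair, dpopNonce, postData, pdsEndpoint)
-
-// After:
-import { createPost } from '@/lib/api-client'
-await createPost(session, { text: "Hello world!" })
-```
-
-## Benefits of Migration
-
-### 1. **Simplified Codebase**
-- ~1000 lines of custom OAuth code removed
-- No more manual DPoP token generation
-- No more complex nonce handling
-- No more custom API routes
-
-### 2. **Better Reliability**
-- Official implementation tested across many apps
-- Automatic retry logic for failed requests
-- Better error handling and recovery
-- Proper session lifecycle management
-
-### 3. **Improved Security**
-- Uses secure IndexedDB storage instead of localStorage
-- Proper token refresh with automatic retries
-- Better handling of session invalidation
-- DPoP implementation follows latest specs
-
-### 4. **Enhanced Features**
-- Automatic handle resolution
-- Built-in support for third-party PDS servers
-- Session restoration across browser sessions
-- Event listeners for session changes
-
-### 5. **Better Maintenance**
-- Official package maintained by AT Protocol team
-- Regular updates and security patches
-- Better TypeScript support
-- Comprehensive documentation
-
-## Compatibility Notes
-
-### Third-Party PDS Support
-The new implementation maintains full support for third-party PDS servers like `geese.blue`. The OAuth client automatically:
-- Resolves handle to find the correct PDS
-- Uses the appropriate OAuth endpoints
-- Manages cross-PDS authentication flows
-
-### Legacy Code Support
-The new auth context provides backward compatibility properties:
-- `accessToken` - Available as `session?.accessToken`
-- `refreshToken` - Available as `session?.refreshToken`
-- `did` - Available as `session?.sub`
-- `handle` - Available as `session?.info?.handle`
-- `pdsEndpoint` - Extracted from session info
-
-## Testing the Migration
-
-### 1. Test Basic Authentication
-- Sign in with a Bluesky handle (e.g., `alice.bsky.social`)
-- Verify the callback completes successfully
-- Check that session is restored on page refresh
-
-### 2. Test Third-Party PDS
-- Sign in with a third-party PDS handle (e.g., `alice.geese.blue`)
-- Verify it resolves to the correct PDS
-- Test that API calls work correctly
-
-### 3. Test Session Management
-- Sign in and close the browser
-- Reopen and verify session is restored
-- Test sign out functionality
-
-### 4. Test API Calls
-- Verify profile loading works
-- Test creating posts
-- Test liking/unliking posts
-- Test following/unfollowing users
-
-## Rollback Plan
-
-If issues arise, you can quickly rollback:
-
-1. Revert the auth context import in `layout.tsx`
-2. Restore the original login/callback pages
-3. Keep the old implementation files until migration is stable
-
-The old API routes and implementation can remain in place during testing for safety.
-
-## Support
-
-If you encounter issues during migration:
-1. Check browser console for OAuth client errors
-2. Verify the client metadata URL is accessible
-3. Test with different handle types (Bluesky vs third-party)
-4. Check that the redirect URI matches exactly
-
-The new implementation should handle most edge cases that the custom implementation addressed, but with much less complexity.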
-187
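--- a/README_OAUTH_MIGRATION.md
+++ b/README_OAUTH_MIGRATION.md
@@ -1,187 +0,0 @@
-# 🚀 OAuth Migration to @atproto/oauth-client-browser
-
-Your app has been successfully set up with a new, simplified OAuth implementation using the official `@atproto/oauth-client-browser` package. This migration will replace ~1000 lines of custom OAuth code with a robust, officially-maintained solution.
-
-## 📁 New Files Created
-
-### Core OAuth Implementation
-- **`app/src/lib/oauth-client.ts`** - OAuth client setup and configuration
-- **`app/src/lib/auth-context-new.tsx`** - New auth context using OAuth client
-- **`app/src/lib/api-client.ts`** - Simplified API calls using OAuth sessions
-
-### Updated Pages
-- **`app/src/app/auth/login/page-new.tsx`** - Simplified login page
-- **`app/src/app/auth/callback/page-new.tsx`** - Simplified callback handling
-
-### Documentation & Scripts
-- **`OAUTH_MIGRATION_GUIDE.md`** - Detailed migration guide
-- **`test-new-oauth.js`** - Script to test new implementation
-- **`restore-oauth.js`** - Script to restore original implementation
-
-## 🧪 How to Test the New Implementation
-
-### 1. Test the New OAuth System
-
-```bash
-# Run the test setup script
-./test-new-oauth.js
-
-# Start the development server
-cd app && npm run dev
-```
-
-### 2. Test Authentication Flow
-
-1. **Visit** http://localhost:3000
-2. **Click Login** to go to the new login page
-3. **Test with different handles:**
-- Bluesky: `yourhandle.bsky.social`
-- Third-party PDS: `handle.geese.blue`
-- Custom domain: `yourhandle.yourdomain.com`
-4. **Verify** the callback completes successfully
-5. **Check** that you're authenticated on the home page
-
-### 3. Test Session Management
-
-1. **Sign in** and verify it works
-2. **Refresh the page** - should stay signed in
-3. **Close and reopen browser** - should restore session
-4. **Test sign out** - should clear session properly
-
-### 4. Restore Original (if needed)
-
-```bash
-# Restore the original implementation
-./restore-oauth.js
-```
-
-## ✨ Key Benefits of Migration
-
-### **Simplified Codebase**
-- Removes ~1000 lines of custom OAuth code
-- No more manual PKCE flow implementation
-- No more custom DPoP token generation
-- No more complex nonce handling
-- Eliminates custom API routes (`/api/auth/token`, `/api/auth/nonce`)
-
-### **Better Reliability**
-- Official implementation tested across many applications
-- Automatic token refresh with proper retry logic
-- Better error handling and recovery
-- Proper session lifecycle management
-
-### **Enhanced Security**
-- Uses secure IndexedDB storage instead of localStorage
-- Follows latest AT Protocol OAuth specifications
-- Automatic DPoP implementation
-- Better session invalidation handling
-
-### **Improved Developer Experience**
-- Direct integration with `@atproto/api` Agent
-- Automatic handle resolution
-- Built-in support for third-party PDS servers
-- Event listeners for session changes
-- Better TypeScript support
-
-## 🔄 Migration Process (When Ready)
-
-### Phase 1: Backup & Prepare
-```bash
-# Already done - scripts handle this automatically
-```
-
-### Phase 2: Switch to New Implementation
-```bash
-# Replace the auth context import in layout.tsx
-# From: '@/lib/auth-context'
-# To: '@/lib/auth-context-new'
-```
-
-### Phase 3: Update Pages
-```bash
-# Replace login page
-mv app/src/app/auth/login/page.tsx app/src/app/auth/login/page-old.tsx
-mv app/src/app/auth/login/page-new.tsx app/src/app/auth/login/page.tsx
-
-# Replace callback page
-mv app/src/app/auth/callback/page.tsx app/src/app/auth/callback/page-old.tsx
-mv app/src/app/auth/callback/page-new.tsx app/src/app/auth/callback/page.tsx
-```
-
-### Phase 4: Update API Calls
-Replace complex API calls throughout your app:
-
-```tsx
-// Before
-import { getProfile } from '@/lib/bluesky-api'
-const profile = await getProfile(accessToken, keyPair, dpopNonce, handle, pdsEndpoint)
-
-// After
-import { getProfile } from '@/lib/api-client'
-const profile = await getProfile(session)
-```
-
-### Phase 5: Cleanup (After Testing)
-Remove old files when confident in the new implementation:
-- `app/src/lib/bluesky-auth.ts`
-- `app/src/lib/auth-context.tsx` (old version)
-- `app/src/lib/storage-util.ts`
-- `app/src/app/api/auth/token/route.ts`
-- `app/src/app/api/auth/nonce/route.ts`
-
-## 🛠 Compatibility Notes
-
-### **Legacy Code Support**
-The new auth context provides backward compatibility:
-- `accessToken` → `session?.accessToken`
-- `refreshToken` → `session?.refreshToken`
-- `did` → `session?.sub`
-- `handle` → `session?.info?.handle`
-- `pdsEndpoint` → extracted from session info
-
-### **Third-Party PDS Support**
-Full support maintained for:
-- ✅ Bluesky (bsky.social)
-- ✅ Custom domains (alice.example.com)
-- ✅ Third-party PDS (geese.blue, etc.)
-- ✅ Self-hosted instances
-
-### **Existing API Calls**
-Most existing API calls will continue to work during transition period due to legacy compatibility properties.
-
-## 🐛 Troubleshooting
-
-### **If Login Fails**
-1. Check browser console for errors
-2. Verify client metadata is accessible at https://flushes.app/client-metadata.json
-3. Ensure handle resolution is working
-4. Test with a simple Bluesky handle first
-
-### **If Session Not Restored**
-1. Check if IndexedDB is enabled in browser
-2. Verify no browser extensions blocking storage
-3. Check for console errors during initialization
-
-### **If API Calls Fail**
-1. Verify session object has required properties
-2. Check if using new API client methods
-3. Ensure proper error handling for session expiration
-
-## 📞 Support
-
-If you encounter any issues:
-
-1. **Check the logs** - The new implementation provides detailed console logging
-2. **Test incrementally** - Use the test scripts to verify each step
-3. **Rollback if needed** - The restore script quickly reverts changes
-4. **Reference the guide** - See `OAUTH_MIGRATION_GUIDE.md` for detailed steps
-
-## 🎉 Next Steps
-
-1. **Test thoroughly** with the new implementation
-2. **Update your components** to use the new auth context
-3. **Migrate API calls** to use the new client
-4. **Remove old files** once confident in the new system
-5. **Enjoy** the simplified, more reliable OAuth flow!
-
-The migration significantly reduces complexity while providing better reliability, security, and developer experience. The official `@atproto/oauth-client-browser` package handles all the OAuth complexity for you.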
-47
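--- a/restore-oauth.js
+++ b/restore-oauth.js
@@ -1,47 +0,0 @@
-#!/usr/bin/env node
-
-/**
-* Restore script for OAuth migration
-*
-* This script restores the original OAuth implementation after testing
-* Run with: node restore-oauth.js
-*/
-
-const fs = require('fs');
-const path = require('path');
-
-const LAYOUT_PATH = path.join(__dirname, 'app/src/app/layout.tsx');
-const BACKUP_PATH = path.join(__dirname, 'app/src/app/layout.tsx.backup');
-
-function restore() {
-try {
-// Check if backup exists
-if (!fs.existsSync(BACKUP_PATH)) {
-console.log('⚠️ No backup found - nothing to restore');
-return;
-}
-
-// Read backup content
-const backupContent = fs.readFileSync(BACKUP_PATH, 'utf8');
-
-// Restore the original file
-fs.writeFileSync(LAYOUT_PATH, backupContent);
-console.log('✅ Restored original layout.tsx');
-
-// Remove backup file
-fs.unlinkSync(BACKUP_PATH);
-console.log('✅ Cleaned up backup file');
-
-console.log('\n🔄 Restoration Complete!');
-console.log('');
-console.log('The app is now using the original OAuth implementation.');
-console.log('');
-
-} catch (error) {
-console.error('❌ Error restoring layout:', error.message);
-}
-}
-
-// Main execution
-console.log('🔄 Restoring original OAuth implementation...\n');
-restore();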
-79
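--- a/test-new-oauth.js
+++ b/test-new-oauth.js
@@ -1,79 +0,0 @@
-#!/usr/bin/env node
-
-/**
-* Test script for OAuth migration
-*
-* This script temporarily switches the app to use the new OAuth implementation
-* for testing purposes. Run with: node test-new-oauth.js
-*/
-
-const fs = require('fs');
-const path = require('path');
-
-const LAYOUT_PATH = path.join(__dirname, 'app/src/app/layout.tsx');
-const BACKUP_PATH = path.join(__dirname, 'app/src/app/layout.tsx.backup');
-
-function backupAndUpdate() {
-try {
-// Read the current layout file
-const layoutContent = fs.readFileSync(LAYOUT_PATH, 'utf8');
-
-// Create backup
-fs.writeFileSync(BACKUP_PATH, layoutContent);
-console.log('✅ Created backup of layout.tsx');
-
-// Update to use new auth context
-const updatedContent = layoutContent.replace(
-"import { AuthProvider } from '@/lib/auth-context';",
-"import { AuthProvider } from '@/lib/auth-context-new';"
-);
-
-if (updatedContent === layoutContent) {
-console.log('⚠️ No changes needed - import not found or already updated');
-return;
-}
-
-// Write updated content
-fs.writeFileSync(LAYOUT_PATH, updatedContent);
-console.log('✅ Updated layout.tsx to use new OAuth implementation');
-
-console.log('\n🧪 Test Setup Complete!');
-console.log('');
-console.log('Next steps:');
-console.log('1. Run: cd app && npm run dev');
-console.log('2. Test authentication at http://localhost:3000/auth/login');
-console.log('3. Try both Bluesky and third-party PDS handles');
-console.log('4. When done testing, run: node restore-oauth.js');
-console.log('');
-
-} catch (error) {
-console.error('❌ Error updating layout:', error.message);
-}
-}
-
-function checkFiles() {
-const requiredFiles = [
-'app/src/lib/oauth-client.ts',
-'app/src/lib/auth-context-new.tsx',
-'app/src/lib/api-client.ts',
-'app/src/app/auth/login/page-new.tsx',
-'app/src/app/auth/callback/page-new.tsx'
-];
-
-const missingFiles = requiredFiles.filter(file => !fs.existsSync(file));
-
-if (missingFiles.length > 0) {
-console.error('❌ Missing required files:');
-missingFiles.forEach(file => console.error(` - ${file}`));
-console.error('\nPlease ensure all new OAuth files have been created.');
-process.exit(1);
-}
-
-console.log('✅ All required files found');
-}
-
-// Main execution
-console.log('🔄 Setting up OAuth migration test...\n');
-
-checkFiles();
-backupAndUpdate();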