alpha
Login
or
Join now
jeremy.herve.bzh
/
skypress
Star
0
Fork
0
Atom
Configure Feed
Issues
Pull Requests
Commits
Tags
Feed URL
Select the types of activity you want to include in your feed.
A calm place to write long-form, and publish it to the open social web.
skypress.blog/
Star
0
Fork
0
Atom
Configure Feed
Issues
Pull Requests
Commits
Tags
Feed URL
Select the types of activity you want to include in your feed.
Overview
Issues
Pulls
Pipelines
skypress
/
src
/
lib
/
auth
/
at
trunk
13 files
Jeremy Herve
Return the OAuth round-trip to the page sign-in started on
8d ago
9c639abe
AuthProvider.test.tsx
Return the OAuth round-trip to the page sign-in started on Signing in from /write returned the writer to /editor with an empty editor: atproto only redirects to a registered redirect_uri and, called without one, defaults to client-metadata.json's first entry — which was the lone /editor/. The writing-first draft survived (draft-store persists across the redirect) but the publish-intent resume was orphaned on the wrong page. Register every OAuth-island route and pin the round-trip to the originating page: - OAUTH_REDIRECT_PATHS is the single source of truth (/editor/ first as the safe fallback); client-metadata.json generates redirect_uris from it. - AuthProvider.signIn passes redirect_uri for the current page in hosted mode; loopback (dev) already round-trips per-page, so it passes none. Regression tests cover the redirect helper, the generated metadata, and the signIn wiring.
1 week ago
AuthProvider.tsx
Return the OAuth round-trip to the page sign-in started on Signing in from /write returned the writer to /editor with an empty editor: atproto only redirects to a registered redirect_uri and, called without one, defaults to client-metadata.json's first entry — which was the lone /editor/. The writing-first draft survived (draft-store persists across the redirect) but the publish-intent resume was orphaned on the wrong page. Register every OAuth-island route and pin the round-trip to the originating page: - OAUTH_REDIRECT_PATHS is the single source of truth (/editor/ first as the safe fallback); client-metadata.json generates redirect_uris from it. - AuthProvider.signIn passes redirect_uri for the current page in hosted mode; loopback (dev) already round-trips per-page, so it passes none. Regression tests cover the redirect helper, the generated metadata, and the signIn wiring.
1 week ago
LoginForm.tsx
Refine landing: grotesk buttons, stronger hero contrast, honest copy - Buttons use Overused Grotesk instead of IBM Plex Mono (labels stay mono) - Hero lede/actions: higher text opacity, text-shadow, frosted ghost chips so they read at every phase - Drop the inaccurate 'your own server' claim (most users are on Bluesky's PDS) -> 'your account' / 'the open social web' - 'built on Gutenberg' -> 'built with the WordPress block editor'
2 weeks ago
config.test.ts
Return the OAuth round-trip to the page sign-in started on Signing in from /write returned the writer to /editor with an empty editor: atproto only redirects to a registered redirect_uri and, called without one, defaults to client-metadata.json's first entry — which was the lone /editor/. The writing-first draft survived (draft-store persists across the redirect) but the publish-intent resume was orphaned on the wrong page. Register every OAuth-island route and pin the round-trip to the originating page: - OAUTH_REDIRECT_PATHS is the single source of truth (/editor/ first as the safe fallback); client-metadata.json generates redirect_uris from it. - AuthProvider.signIn passes redirect_uri for the current page in hosted mode; loopback (dev) already round-trips per-page, so it passes none. Regression tests cover the redirect helper, the generated metadata, and the signIn wiring.
1 week ago
config.ts
Return the OAuth round-trip to the page sign-in started on Signing in from /write returned the writer to /editor with an empty editor: atproto only redirects to a registered redirect_uri and, called without one, defaults to client-metadata.json's first entry — which was the lone /editor/. The writing-first draft survived (draft-store persists across the redirect) but the publish-intent resume was orphaned on the wrong page. Register every OAuth-island route and pin the round-trip to the originating page: - OAUTH_REDIRECT_PATHS is the single source of truth (/editor/ first as the safe fallback); client-metadata.json generates redirect_uris from it. - AuthProvider.signIn passes redirect_uri for the current page in hosted mode; loopback (dev) already round-trips per-page, so it passes none. Regression tests cover the redirect helper, the generated metadata, and the signIn wiring.
1 week ago
cta.test.ts
Add owner-only "Create your first publication" CTA on the empty author page When a signed-in writer views their own public author page and has no publications yet, surface a button linking to /dashboard instead of only the "No SkyPress publications yet." line. The button is gated to the profile owner (viewer DID === profile DID); logged-out visitors and other accounts see the unchanged static text. The author page is server-rendered and cannot import the auth stack, so owner detection runs in a client:only React island (CreatePublicationCta) wrapping the existing @wordpress-free AuthProvider. The DID-comparison decision lives in a pure isProfileOwner helper, unit-tested per the repo's pure-logic test convention; its CSS sits in a global block since the island's DOM is outside Astro's scoped styles.
2 weeks ago
cta.ts
Add owner-only "Create your first publication" CTA on the empty author page When a signed-in writer views their own public author page and has no publications yet, surface a button linking to /dashboard instead of only the "No SkyPress publications yet." line. The button is gated to the profile owner (viewer DID === profile DID); logged-out visitors and other accounts see the unchanged static text. The author page is server-rendered and cannot import the auth stack, so owner detection runs in a client:only React island (CreatePublicationCta) wrapping the existing @wordpress-free AuthProvider. The DID-comparison decision lives in a pure isProfileOwner helper, unit-tested per the repo's pure-logic test convention; its CSS sits in a global block since the island's DOM is outside Astro's scoped styles.
2 weeks ago
nav.test.ts
Add appBarNav helper for the shared top bar
2 weeks ago
nav.ts
Add appBarNav helper for the shared top bar
2 weeks ago
oauth.ts
Add SP2 lexicon + two-record publish Define and document the SkyPress content lexicon and implement the core publish mechanic: write the writer's article to their PDS as a site.standard.document (block tree in content + de-facto-required textContent), ensure their site.standard.publication exists, and post a companion app.bsky.feed.post linking to the public article (POSSE). - lexicons/: blog.skypress.content.gutenberg.json + a README documenting every record SkyPress writes (verified site.standard.* shapes, ours, app.bsky). - src/lib/publish/records.ts: pure record/URL/slug builders + normalizeBlocks (strips clientId, JSON-normalises rich-text) — unit-tested. - src/lib/publish/publisher.ts: ensurePublication (matches OUR publication by url, so we never attach to another tool's standard.site publication) -> create post -> create document with bskyPostRef. Order avoids a circular dependency. - PublishPanel: title + publish with an unmistakable "this also posts to Bluesky" confirmation (brief §10). - Dev loopback client now requests `atproto transition:generic` so createRecord is authorized (one re-auth; handle now resolves via appview). Verified end-to-end against a real account: records fetched back from the PDS confirm the block tree stored as clean JSON, correct textContent, a real Bluesky post with an external embed, and bskyPostRef. The live test caught a bug (reusing a foreign publication) which is fixed by matching on url.
2 weeks ago
profile.test.ts
Lead the home page with the writing-first experience (/write) The /write route tested well, so promote it from a hidden parallel route to the home page's front door: the hero's primary CTA is now "Start writing →" to /write, with the handle sign-in demoted to a secondary "Already have an account?" path. Repoint the masthead "Write" button and the account menu's "Write" item (accountMenuItems) at /write too; the home page no longer links to the login-gated /editor. Update the prior landing-redesign guard (the new single "Start writing" CTA is intentional) and record the shift in 0020.
1 week ago
profile.ts
Lead the home page with the writing-first experience (/write) The /write route tested well, so promote it from a hidden parallel route to the home page's front door: the hero's primary CTA is now "Start writing →" to /write, with the handle sign-in demoted to a secondary "Already have an account?" path. Repoint the masthead "Write" button and the account menu's "Write" item (accountMenuItems) at /write too; the home page no longer links to the login-gated /editor. Update the prior landing-redesign guard (the new single "Start writing" CTA is intentional) and record the shift in 0020.
1 week ago
useAuth.ts
Add SP1 atproto OAuth (login, session, the Agent) Gate the editor behind atproto OAuth using a browser public client (@atproto/oauth-client-browser), per Decision 0004 — chosen over the brief's named @atproto/oauth-client-node because a confidential client needs a server-side session store, which would reintroduce the database the no-DB/edge architecture avoids. A public client (PKCE/DPoP, tokens in IndexedDB) needs no backend; "secrets never in the client" holds trivially (no secret). Flow: client.init() once on load (restore session or process the redirect callback) -> signIn(handle) redirects to the user's auth server -> session -> new Agent(session) for later com.atproto.repo.* calls (SP2). - Pure config/handle/scope logic in src/lib/auth/config.ts (7 Vitest tests). - AuthProvider context + useAuth + LoginForm; Studio island gates SkyEditor. - Dev uses an atproto loopback client; the client_id must be path-less and the origin must be 127.0.0.1 (not localhost) — oauth.ts builds it explicitly. - public/client-metadata.json for the hosted (prod) client (origin finalized in SP7). Verified end-to-end against a real Bluesky account: redirect to the genuine bsky.social authorize page, callback exchange, signed-in editor, and session persistence across reload. SP1 scope is atproto + transition:generic at the metadata level; granular write scopes land in SP2.
2 weeks ago