kyle
868f7efc23
Some checks failed
CI/CD Pipeline / Backend Tests (push) Has been cancelled
CI/CD Pipeline / Frontend Tests (push) Has been cancelled
CI/CD Pipeline / Build Docker Images (push) Has been cancelled
CI/CD Pipeline / Security Scan (push) Has been cancelled
CI/CD Pipeline / Deploy to Staging (push) Has been cancelled
CI/CD Pipeline / Deploy to Production (push) Has been cancelled
Complete rewrite from Express to NestJS with enterprise-grade features: ## Backend Improvements - Migrated from Express to NestJS 11.0.1 with TypeScript - Implemented Prisma ORM 7.3.0 for type-safe database access - Added CASL authorization system replacing role-based guards - Created global exception filters with structured logging - Implemented Auth0 JWT authentication with Passport.js - Added vehicle management with conflict detection - Enhanced event scheduling with driver/vehicle assignment - Comprehensive error handling and logging ## Frontend Improvements - Upgraded to React 19.2.0 with Vite 7.2.4 - Implemented CASL-based permission system - Added AbilityContext for declarative permissions - Created ErrorHandler utility for consistent error messages - Enhanced API client with request/response logging - Added War Room (Command Center) dashboard - Created VIP Schedule view with complete itineraries - Implemented Vehicle Management UI - Added mock data generators for testing (288 events across 20 VIPs) ## New Features - Vehicle fleet management (types, capacity, status tracking) - Complete 3-day Jamboree schedule generation - Individual VIP schedule pages with PDF export (planned) - Real-time War Room dashboard with auto-refresh - Permission-based navigation filtering - First user auto-approval as administrator ## Documentation - Created CASL_AUTHORIZATION.md (comprehensive guide) - Created ERROR_HANDLING.md (error handling patterns) - Updated CLAUDE.md with new architecture - Added migration guides and best practices ## Technical Debt Resolved - Removed custom authentication in favor of Auth0 - Replaced role checks with CASL abilities - Standardized error responses across API - Implemented proper TypeScript typing - Added comprehensive logging Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
42 lines
1.5 KiB
TypeScript
42 lines
1.5 KiB
TypeScript
// Auth0-aware API client wrapper
|
|
// This file provides helper functions that automatically inject Auth0 tokens
|
|
|
|
import { api } from './client';
|
|
|
|
// Token provider function - will be set by App.tsx
|
|
let tokenProvider: (() => Promise<string>) | null = null;
|
|
|
|
export function setTokenProvider(provider: () => Promise<string>) {
|
|
tokenProvider = provider;
|
|
}
|
|
|
|
// Wrapper that automatically adds Auth0 token to requests
|
|
async function makeAuthenticatedRequest<T>(
|
|
requestFn: (headers: HeadersInit) => Promise<T>
|
|
): Promise<T> {
|
|
if (!tokenProvider) {
|
|
// Fallback to localStorage for non-Auth0 flows (shouldn't happen)
|
|
const token = localStorage.getItem('authToken');
|
|
const headers = token ? { Authorization: `Bearer ${token}` } : {};
|
|
return requestFn(headers);
|
|
}
|
|
|
|
try {
|
|
const token = await tokenProvider();
|
|
return requestFn({ Authorization: `Bearer ${token}` });
|
|
} catch (error) {
|
|
console.error('Failed to get access token:', error);
|
|
throw error;
|
|
}
|
|
}
|
|
|
|
// Re-export all API methods (they already handle authorization headers)
|
|
export { api, vipApi, driverApi, scheduleApi, authApi } from './client';
|
|
|
|
// Note: The original ApiClient in client.ts already reads from localStorage
|
|
// and adds the Authorization header. Auth0 SDK stores tokens in localStorage
|
|
// by default (cacheLocation: "localstorage"), so everything should work seamlessly.
|
|
//
|
|
// For more advanced use cases (e.g., using Auth0's memory cache or handling
|
|
// token refresh explicitly), you would use the tokenProvider approach above.
|