learning_ai_common_plat

bytelyst/learning_ai_common_plat

Fork 0

Commit Graph

Author	SHA1	Message	Date
saravanakumardb1	f1ebff5514	feat(scripts+ui): Tier 2 complete \u2014 common_plat 0 hex findings (was 59) Scanner refinements: - Exclude services/<svc>/src/ (Fastify backends, not UI) - Exclude packages/config/ (schema/defaults, not UI) - Exclude packages/devops/ (internal tooling) - Exclude packages/create-app/.../templates (scaffolder templates) - Exclude .storybook/, /stories/, .stories.{ts,tsx} (demo/docs) - Exclude SVG fill=, stroke= hex (brand-mandated, e.g. Google G logo) - Exclude ThemeEditor.tsx, theme-defaults.* (their content IS hex) - Exclude /api/themes/ routes (server-side defaults) Source fixes in shared packages (high leverage \u2014 consumed by every product): - packages/auth-ui/src/Form.tsx + OnboardingShell + MfaChallenge (7) - packages/dashboard-shell/src/{TopBar,ProfilePage}.tsx (3) - dashboards/tracker-web/src/app/health/page.tsx (6) All use the canonical var(--bl-<token>, #fallback) pattern that: - Lets product themes override (e.g., each product sets --bl-danger differently) - Falls back to a sensible default if tokens haven't loaded yet (defensive) common_plat hex: 59 \u2192 0 \u2713 (Tier 2 complete) Ecosystem total: 1569 \u2192 1402 Tier progress: Tier 1 (critical): 13 \u2192 0 \u2713 Tier 2 (common_plat hex): 59 \u2192 0 \u2713 Tier 3 (mac_tooling, efforise): NEXT Tier 4 (mindlyst, fastgap, flowmonk) Tier 5 (non-hex rules)	2026-05-23 14:37:51 -07:00
saravanakumardb1	53f2a97d40	feat(auth): SmartAuth SDK packages — OAuth, MFA, passkeys, devices, RS256, auth-ui Phase 1C: @bytelyst/auth-client + @bytelyst/react-auth Google Sign-In - loginWithGoogle/Microsoft/Apple(idToken) → POST /auth/oauth/:provider - getProviders/linkProvider/unlinkProvider → provider management - React context: loginWithGoogle, providers state, refreshProviders Phase 2D: MFA + Social Login SDK + Auth UI - verifyMfa/setupTotp/verifyTotpSetup/disableMfa/getMfaStatus - regenerateRecoveryCodes → recovery code management - React context: mfaRequired/mfaChallenge/mfaMethods state, verifyMfa action - login() handles MfaLoginResult (returns false, sets MFA state) - NEW @bytelyst/auth-ui: LoginForm, MfaChallenge, SocialButtons components Phase 3: Passkeys + Device SDK - getPasskeyRegisterOptions/verifyPasskeyRegistration - getPasskeyAuthOptions/verifyPasskeyAuth/listPasskeys/deletePasskey - listDevices/trustDevice/revokeDevice/revokeAllDevices Phase 4C: @bytelyst/auth RS256 support - createJwtUtils({ algorithm: 'RS256', rsaPrivateKey, rsaPublicKey }) - Dual verification: RS256 first, HS256 fallback (migration-safe) - Remote JWKS support via jwksUrl option - Backward-compatible: HS256 remains default Phase 5B: Admin security endpoints - getSecurityOverview/unlockUser/exportAuthData/cancelDeletion Tests: 101 total (36 auth-client + 21 react-auth + 13 auth-ui + 31 auth) Builds: all 4 packages pass tsc	2026-03-12 10:50:56 -07:00

Author

SHA1

Message

Date

saravanakumardb1

f1ebff5514

feat(scripts+ui): Tier 2 complete \u2014 common_plat 0 hex findings (was 59)

Scanner refinements:
- Exclude services/<svc>/src/        (Fastify backends, not UI)
- Exclude packages/config/           (schema/defaults, not UI)
- Exclude packages/devops/           (internal tooling)
- Exclude packages/create-app/.../templates (scaffolder templates)
- Exclude *.storybook/, /stories/, *.stories.{ts,tsx} (demo/docs)
- Exclude SVG fill=, stroke= hex (brand-mandated, e.g. Google G logo)
- Exclude ThemeEditor.tsx, theme-defaults.* (their content IS hex)
- Exclude /api/themes/ routes (server-side defaults)

Source fixes in shared packages (high leverage \u2014 consumed by every product):
- packages/auth-ui/src/*Form*.tsx + OnboardingShell + MfaChallenge (7)
- packages/dashboard-shell/src/{TopBar,ProfilePage}.tsx (3)
- dashboards/tracker-web/src/app/health/page.tsx (6)

All use the canonical var(--bl-<token>, #fallback) pattern that:
- Lets product themes override (e.g., each product sets --bl-danger differently)
- Falls back to a sensible default if tokens haven't loaded yet (defensive)

common_plat hex: 59 \u2192 0 \u2713 (Tier 2 complete)
Ecosystem total: 1569 \u2192 1402

Tier progress:
  Tier 1 (critical):       13 \u2192 0 \u2713
  Tier 2 (common_plat hex): 59 \u2192 0 \u2713
  Tier 3 (mac_tooling, efforise): NEXT
  Tier 4 (mindlyst, fastgap, flowmonk)
  Tier 5 (non-hex rules)

2026-05-23 14:37:51 -07:00

saravanakumardb1

53f2a97d40

feat(auth): SmartAuth SDK packages — OAuth, MFA, passkeys, devices, RS256, auth-ui

Phase 1C: @bytelyst/auth-client + @bytelyst/react-auth Google Sign-In
- loginWithGoogle/Microsoft/Apple(idToken) → POST /auth/oauth/:provider
- getProviders/linkProvider/unlinkProvider → provider management
- React context: loginWithGoogle, providers state, refreshProviders

Phase 2D: MFA + Social Login SDK + Auth UI
- verifyMfa/setupTotp/verifyTotpSetup/disableMfa/getMfaStatus
- regenerateRecoveryCodes → recovery code management
- React context: mfaRequired/mfaChallenge/mfaMethods state, verifyMfa action
- login() handles MfaLoginResult (returns false, sets MFA state)
- NEW @bytelyst/auth-ui: LoginForm, MfaChallenge, SocialButtons components

Phase 3: Passkeys + Device SDK
- getPasskeyRegisterOptions/verifyPasskeyRegistration
- getPasskeyAuthOptions/verifyPasskeyAuth/listPasskeys/deletePasskey
- listDevices/trustDevice/revokeDevice/revokeAllDevices

Phase 4C: @bytelyst/auth RS256 support
- createJwtUtils({ algorithm: 'RS256', rsaPrivateKey, rsaPublicKey })
- Dual verification: RS256 first, HS256 fallback (migration-safe)
- Remote JWKS support via jwksUrl option
- Backward-compatible: HS256 remains default

Phase 5B: Admin security endpoints
- getSecurityOverview/unlockUser/exportAuthData/cancelDeletion

Tests: 101 total (36 auth-client + 21 react-auth + 13 auth-ui + 31 auth)
Builds: all 4 packages pass tsc

2026-03-12 10:50:56 -07:00

2 Commits