Skip to content

User accounts Phase 1: Steam + Discord auth, profiles, run ownership#350

Open
ptrlrd wants to merge 10 commits into
mainfrom
feat/user-accounts
Open

User accounts Phase 1: Steam + Discord auth, profiles, run ownership#350
ptrlrd wants to merge 10 commits into
mainfrom
feat/user-accounts

Conversation

@ptrlrd
Copy link
Copy Markdown
Owner

@ptrlrd ptrlrd commented May 24, 2026

Summary

  • Two auth providers: Steam (OpenID popup) and Discord (OAuth2 redirect). Both create the same users doc in Mongo. No passwords.
  • JWT sessions in httpOnly cookies (7-day expiry)
  • Unique usernames (case-insensitive), rate-limited changes (3/day)
  • Profile page: paginated run list, drag-and-drop .run file upload with per-file results, soft delete with confirmation
  • Settings page: display name (live availability check), email, connected accounts
  • Navbar user menu: compact icon on mobile (fits the existing right cluster), username shown on desktop
  • Run ownership via user_id field on run docs, new Mongo index
  • Soft delete: runs removed from "My Runs" but share links stay alive

Sad paths handled

  • Auth failures/timeouts/cancellations (Steam popup, Discord redirect)
  • Duplicate Steam/Discord IDs (atomic upsert, concurrent request safe)
  • JWT expiry, tampered tokens, missing cookies
  • Invalid/corrupt .run files, wrong file types, oversized uploads
  • Username taken, empty after sanitization, rate limited
  • Run not found, not owned by user, already deleted
  • Network failures surfaced via toast notifications

Env vars needed

  • JWT_SECRET (required, 32+ char random string)
  • DISCORD_CLIENT_ID
  • DISCORD_CLIENT_SECRET

Files changed

  • 8 new files (4 backend, 4 frontend, 2 page wrappers)
  • 8 modified files (auth_steam, runs_db_mongo, main, metrics, navbar, layout, plus 2 lint fixes)
  • 1,976 lines added

ptrlrd added 10 commits May 24, 2026 14:19
@ptrlrd
User accounts Phase 1: Steam + Discord auth, profiles, run ownership
0d46fbb 
Backend:
- users collection in Mongo (steam_id, discord_id, unique username,
  email, rate-limited name changes)
- JWT sessions via httpOnly cookie (7-day expiry, HS256)
- Steam auth upgraded to create user doc + issue JWT on poll success
- Discord OAuth2 flow (identify + email scopes, redirect-based)
- Shared auth endpoints: /me, /logout, username/email updates,
  my runs (paginated), run soft-delete, .run file upload + auto-claim
- Run ownership via user_id field + index on runs collection
- Soft delete (deleted_at timestamp, share links stay alive)

Frontend:
- AuthContext: fetches /me on mount, Steam popup flow, Discord redirect
- ToastProvider: success/error/info notifications, auto-dismiss, stacked
- Navbar user menu: compact icon button (fits mobile right cluster),
  sign-in dropdown (Steam/Discord), account dropdown when logged in
- Profile page: my runs list with pagination, drag-and-drop .run upload
  with per-file results, inline delete with confirmation
- Settings page: display name (availability check, rate limit display),
  email, connected accounts (Steam/Discord with connect buttons)

Sad paths handled throughout: auth failures, expired sessions, duplicate
usernames, invalid files, rate limits, ownership checks on delete,
network errors with user-visible messages via toast system.

Requires env vars: JWT_SECRET, DISCORD_CLIENT_ID, DISCORD_CLIENT_SECRET
@ptrlrd
Add staging environment + fix auth for cross-origin local dev
766e91e 
Staging:
- docker-compose.staging.yml with staging image tags and auth env vars
- CI builds staging images on push to staging branch
- Staging site at staging.spire-codex.com (DNS + nginx config needed)

Auth fixes from local testing:
- Steam redirect endpoint (GET /redirect) for mobile browsers
- Callback redirects to frontend with token in URL (FRONTEND_URL env)
- Bearer token fallback in Authorization header (cross-origin dev)
- /api/auth/set-cookie endpoint for token-to-cookie exchange
- CORS_ORIGINS env var for credentialed cross-origin requests
- Expired session redirects to frontend instead of showing error page
@ptrlrd
Wire staging secrets through 1Password (.env.tpl)
177cd32 
Add JWT_SECRET, DISCORD_CLIENT_ID, DISCORD_CLIENT_SECRET to .env.tpl
as op:// references (vault: Spire Codex, items: Auth + Discord OAuth).
Staging compose reads from the shared .env rendered by sync-secrets.yml.
Add staging_compose_file to inventory vars.
@ptrlrd
Add python-multipart dep (required by /api/auth file uploads)
4ffcced
@ptrlrd
Add staging nginx block with runtime DNS resolution
2120da6 
Uses resolver 127.0.0.11 + variable proxy_pass so nginx resolves
staging container hostnames at request time, not startup. Staging
containers being down won't prevent nginx from starting or affect
prod/beta.
@ptrlrd
Set SPIRE_CODEX_PUBLIC_BASE in staging compose
bb6be7e 
Fixes Discord OAuth redirect_uri using http:// instead of https://.
The backend container sees nginx's HTTP connection, not Cloudflare's
HTTPS. The env var forces the correct public URL for OAuth callbacks.
@ptrlrd
Fix logout: clear token from localStorage
0f3dd0c
@ptrlrd
Fix logout: match cookie attributes on delete so browser clears it
8e10767
@ptrlrd
Link Discord to existing account when already logged in
672aee3 
Discord callback now checks for an existing JWT. If the user is
already signed in via Steam, clicking "Connect Discord" links the
Discord ID to their existing account instead of creating a new one.
Also makes the entire connected accounts row clickable.
@ptrlrd
Clean auth URL params on mount (linked, auth, error)
78e10ab
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ptrlrd