fragginwagon/bw-copilot-resources
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add shared port registry workflow and improve scaffold tooling

Browse Source
This commit is contained in:
Greg Jacobs
2026-05-19 21:22:34 -04:00
parent 107f8a2691
commit 3b668c9ced
33 changed files with 2235 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
resources/skills/discord-oauth-vue3-vite/references/env-vars.md Normal file
View File

@@ -0,0 +1,22 @@
# Environment Variables
Set these in the target app or in the app's local env files.
- `AUTH_PORT` - auth service port, default `8787`
- `NODE_ENV` - enables stricter secret checks outside development
- `JWT_SECRET` - signing secret for access tokens
- `ACCESS_TOKEN_TTL` - access token lifetime, default `15m`
- `REFRESH_TOKEN_TTL_DAYS` - refresh session lifetime, default `30`
- `COOKIE_NAME` - refresh token cookie name, default `gopvp_refresh`
- `COOKIE_SECURE` - set to `true` for HTTPS deployments
- `COOKIE_SAME_SITE` - cookie same-site mode, default `lax`
- `AUTH_CLIENTS_FILE` - optional path to a JSON client map
- `AUTH_CLIENTS_JSON` - optional inline JSON client map
- `FRONTEND_ORIGIN` - legacy single-origin fallback
- `DISCORD_CLIENT_ID` - legacy single-origin fallback
- `DISCORD_CLIENT_SECRET` - legacy single-origin fallback
- `DISCORD_SCOPES` - legacy single-origin fallback, default `identify,email`
- `ALLOWLIST_DISCORD_IDS` - legacy single-origin fallback, comma-separated Discord user IDs
- `DEFAULT_FEATURE_KEYS` - feature flags granted to allowlisted users
Keep secrets out of committed files and copy them into local environment files instead.

14
resources/skills/discord-oauth-vue3-vite/references/implementation-checklist.md Normal file
View File

@@ -0,0 +1,14 @@
# Implementation Checklist
1. Create the Discord application and add the callback URL used by the app.
2. Generate the `src/server/discord-oauth/` bundle from the scaffold.
3. Copy `clients.example.json` to `clients.json` and fill in credentials.
4. Set `AUTH_PORT`, `JWT_SECRET`, and the other auth env vars locally.
5. Wire the auth server: add an `auth:dev` script or mount it into an existing backend entrypoint.
6. Create `useAuth.js` singleton composable from the reference template; adapt the import path.
7. Create `DiscordAuthWidget` organism (`.vue`, `.scss`, `.stories.js`) from reference templates; update SCSS `@use` paths to match the target project's style foundation.
8. Create `OAuthCallbackPage.vue` from the reference template; register it at `/oauth/callback` with no auth guard.
9. Add `meta: { requiresAuth: true }` to protected routes and a `beforeEach` guard that calls `checkSession()` and redirects to `/` if the user is not logged in.
10. Add Vite dev proxy: `/api/auth``http://localhost:<AUTH_PORT>`.
11. Test login, callback, session persistence, session refresh, and logout.
12. Confirm the allowlist rejects a Discord account that is not approved.