d-bis/explorer-monorepo
4
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: d-bis:devin/1776538999-fix-auth-context-keys-and-errors
Branches Tags
d-bis:master d-bis:devin/1778358341-institutional-membership-tiers d-bis:feature/explorer-live-pricing-historical-valuation d-bis:devin/1776542851-harden-gitleaks-and-document-purge d-bis:devin/1776542488-fix-setup-database-hardcoded-password d-bis:devin/1776541136-docs-auth-refresh-logout-followups d-bis:devin/1776540420-docs-readme-architecture-rewrite d-bis:devin/1776540240-test-e2e-full-and-ci-wiring d-bis:devin/1776540090-chore-frontend-router-decision d-bis:devin/1776539814-feat-jwt-revocation-and-refresh d-bis:devin/1776539646-refactor-config-externalize d-bis:devin/1776539460-refactor-ai-package-split d-bis:devin/1776539160-chore-ci-go-version-and-scanners d-bis:devin/1776538999-fix-auth-context-keys-and-errors d-bis:devin/1776538631-fix-jwt-and-csp-hardening d-bis:devin/1776538357-chore-doc-consolidation d-bis:devin/1776538258-chore-gitignore-and-artifacts d-bis:feat/block-transaction-drilldown d-bis:fix/address-detail-loading-state d-bis:fix/explorer-readonly-contract-interactions d-bis:feat/explorer-dual-currency-display
..
compare: d-bis:devin/1776540090-chore-frontend-router-decision
Branches Tags
d-bis:master d-bis:devin/1778358341-institutional-membership-tiers d-bis:feature/explorer-live-pricing-historical-valuation d-bis:devin/1776542851-harden-gitleaks-and-document-purge d-bis:devin/1776542488-fix-setup-database-hardcoded-password d-bis:devin/1776541136-docs-auth-refresh-logout-followups d-bis:devin/1776540420-docs-readme-architecture-rewrite d-bis:devin/1776540240-test-e2e-full-and-ci-wiring d-bis:devin/1776540090-chore-frontend-router-decision d-bis:devin/1776539814-feat-jwt-revocation-and-refresh d-bis:devin/1776539646-refactor-config-externalize d-bis:devin/1776539460-refactor-ai-package-split d-bis:devin/1776539160-chore-ci-go-version-and-scanners d-bis:devin/1776538999-fix-auth-context-keys-and-errors d-bis:devin/1776538631-fix-jwt-and-csp-hardening d-bis:devin/1776538357-chore-doc-consolidation d-bis:devin/1776538258-chore-gitignore-and-artifacts d-bis:feat/block-transaction-drilldown d-bis:fix/address-detail-loading-state d-bis:fix/explorer-readonly-contract-interactions d-bis:feat/explorer-dual-currency-display

1 Commits
devin/1776 ... devin/1776

Author SHA1 Message Date
Devin
8c7e1c70de chore(frontend): commit to pages router, drop empty src/app, unify on npm 
Fixes the 'unfinished router migration + inconsistent packageManager'
finding from the review:

1. src/app/ only ever contained globals.css; every actual route lives
   under src/pages/. Keeping both routers in the tree made the build
   surface area ambiguous and left a trap where a future contributor
   might add a new route under src/app/ and break Next's routing
   resolution. PR #9 commits to the pages router and removes src/app/.

2. globals.css moved from src/app/globals.css to src/styles/globals.css
   (so it no longer sits under an otherwise-deleted app router folder)
   and _app.tsx's import was updated accordingly. This is a no-op at
   runtime: the CSS payload is byte-identical.

3. tailwind.config.js had './src/app/**/*.{js,ts,jsx,tsx,mdx}' at the
   top of its content glob list. Replaced with './src/styles/**/*.css'
   so Tailwind still sees globals.css; the src/components/** and
   src/pages/** globs are unchanged.

4. Unified the package manager on npm:

   - package.json packageManager: 'pnpm@10.0.0' -> 'npm@10.8.2'.
     The lockfile (package-lock.json) and CI (npm ci / npm run lint /
     npm run type-check / npm run build in .github/workflows/ci.yml)
     have always used npm; the pnpm declaration was aspirational and
     would have forced contributors with corepack enabled into a tool
     the repo doesn't actually support.
   - Added an 'engines' block pinning node >=20 <21 and npm >=10 so
     CI, Docker, and a fresh laptop clone all land on the same runtime.

Verification:
  npm ci            465 packages, no warnings.
  npm run lint      next lint:   No ESLint warnings or errors.
  npm run type-check tsc --noEmit: clean.
  npm run build     Next.js 14.2.35 compiled 19 pages successfully;
                    every route (/, /blocks, /transactions, /tokens,
                    /bridge, /analytics, /operator, /docs, /wallet,
                    etc.) rendered without emitting a warning.

Advances completion criterion 5 (frontend housekeeping): 'one router;
one package manager; build is reproducible from the lockfile.'
 2026-04-18 19:23:35 +00:00
12 changed files with 45 additions and 150 deletions
Expand all files Collapse all files

36
backend/api/middleware/auth.go
View File

@@ -1,6 +1,7 @@
package middleware
import (
"context"
"fmt"
"net/http"
"strings"
@@ -30,7 +31,11 @@ func (m *AuthMiddleware) RequireAuth(next http.Handler) http.Handler {
return
}
ctx := ContextWithAuth(r.Context(), address, track, true)
// Add user context
ctx := context.WithValue(r.Context(), "user_address", address)
ctx = context.WithValue(ctx, "user_track", track)
ctx = context.WithValue(ctx, "authenticated", true)
next.ServeHTTP(w, r.WithContext(ctx))
})
}
@@ -39,7 +44,11 @@ func (m *AuthMiddleware) RequireAuth(next http.Handler) http.Handler {
func (m *AuthMiddleware) RequireTrack(requiredTrack int) func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
track := UserTrack(r.Context())
// Extract track from context (set by RequireAuth or OptionalAuth)
track, ok := r.Context().Value("user_track").(int)
if !ok {
track = 1 // Default to Track 1 (public)
}
if !featureflags.HasAccess(track, requiredTrack) {
writeForbidden(w, requiredTrack)
@@ -56,33 +65,40 @@ func (m *AuthMiddleware) OptionalAuth(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
address, track, err := m.extractAuth(r)
if err != nil {
// No auth provided (or auth failed) — fall back to Track 1.
ctx := ContextWithAuth(r.Context(), "", defaultTrackLevel, false)
// No auth provided, default to Track 1 (public)
ctx := context.WithValue(r.Context(), "user_address", "")
ctx = context.WithValue(ctx, "user_track", 1)
ctx = context.WithValue(ctx, "authenticated", false)
next.ServeHTTP(w, r.WithContext(ctx))
return
}
ctx := ContextWithAuth(r.Context(), address, track, true)
// Auth provided, add user context
ctx := context.WithValue(r.Context(), "user_address", address)
ctx = context.WithValue(ctx, "user_track", track)
ctx = context.WithValue(ctx, "authenticated", true)
next.ServeHTTP(w, r.WithContext(ctx))
})
}
// extractAuth extracts authentication information from the request.
// Returns ErrMissingAuthorization when no usable Bearer token is present;
// otherwise returns the error from JWT validation.
// extractAuth extracts authentication information from request
func (m *AuthMiddleware) extractAuth(r *http.Request) (string, int, error) {
// Get Authorization header
authHeader := r.Header.Get("Authorization")
if authHeader == "" {
return "", 0, ErrMissingAuthorization
return "", 0, http.ErrMissingFile
}
// Check for Bearer token
parts := strings.Split(authHeader, " ")
if len(parts) != 2 || parts[0] != "Bearer" {
return "", 0, ErrMissingAuthorization
return "", 0, http.ErrMissingFile
}
token := parts[1]
// Validate JWT token
address, track, err := m.walletAuth.ValidateJWT(token)
if err != nil {
return "", 0, err

60
backend/api/middleware/context.go
View File

@@ -1,60 +0,0 @@
package middleware
import (
"context"
"errors"
)
// ctxKey is an unexported type for request-scoped authentication values.
// Using a distinct type (rather than a bare string) keeps our keys out of
// collision range for any other package that also calls context.WithValue,
// and silences go vet's SA1029.
type ctxKey string
const (
ctxKeyUserAddress ctxKey = "user_address"
ctxKeyUserTrack ctxKey = "user_track"
ctxKeyAuthenticated ctxKey = "authenticated"
)
// Default track level applied to unauthenticated requests (Track 1 = public).
const defaultTrackLevel = 1
// ErrMissingAuthorization is returned by extractAuth when no usable
// Authorization header is present on the request. Callers should treat this
// as "no auth supplied" rather than a hard failure for optional-auth routes.
var ErrMissingAuthorization = errors.New("middleware: authorization header missing or malformed")
// ContextWithAuth returns a child context carrying the supplied
// authentication state. It is the single place in the package that writes
// the auth context keys.
func ContextWithAuth(parent context.Context, address string, track int, authenticated bool) context.Context {
ctx := context.WithValue(parent, ctxKeyUserAddress, address)
ctx = context.WithValue(ctx, ctxKeyUserTrack, track)
ctx = context.WithValue(ctx, ctxKeyAuthenticated, authenticated)
return ctx
}
// UserAddress returns the authenticated wallet address stored on ctx, or
// "" if the context is not authenticated.
func UserAddress(ctx context.Context) string {
addr, _ := ctx.Value(ctxKeyUserAddress).(string)
return addr
}
// UserTrack returns the access tier recorded on ctx. If no track was set
// (e.g. the request bypassed all auth middleware) the caller receives
// Track 1 (public) so route-level checks can still make a decision.
func UserTrack(ctx context.Context) int {
if track, ok := ctx.Value(ctxKeyUserTrack).(int); ok {
return track
}
return defaultTrackLevel
}
// IsAuthenticated reports whether the current request carried a valid auth
// token that was successfully parsed by the middleware.
func IsAuthenticated(ctx context.Context) bool {
ok, _ := ctx.Value(ctxKeyAuthenticated).(bool)
return ok
}

62
backend/api/middleware/context_test.go
View File

@@ -1,62 +0,0 @@
package middleware
import (
"context"
"errors"
"testing"
)
func TestContextWithAuthRoundTrip(t *testing.T) {
ctx := ContextWithAuth(context.Background(), "0xabc", 4, true)
if got := UserAddress(ctx); got != "0xabc" {
t.Fatalf("UserAddress() = %q, want %q", got, "0xabc")
}
if got := UserTrack(ctx); got != 4 {
t.Fatalf("UserTrack() = %d, want 4", got)
}
if !IsAuthenticated(ctx) {
t.Fatal("IsAuthenticated() = false, want true")
}
}
func TestUserTrackDefaultsToTrack1OnBareContext(t *testing.T) {
if got := UserTrack(context.Background()); got != defaultTrackLevel {
t.Fatalf("UserTrack(empty) = %d, want %d", got, defaultTrackLevel)
}
}
func TestUserAddressEmptyOnBareContext(t *testing.T) {
if got := UserAddress(context.Background()); got != "" {
t.Fatalf("UserAddress(empty) = %q, want empty", got)
}
}
func TestIsAuthenticatedFalseOnBareContext(t *testing.T) {
if IsAuthenticated(context.Background()) {
t.Fatal("IsAuthenticated(empty) = true, want false")
}
}
// TestContextKeyIsolation proves that the typed ctxKey values cannot be
// shadowed by a caller using bare-string keys with the same spelling.
// This is the specific class of bug fixed by this PR.
func TestContextKeyIsolation(t *testing.T) {
ctx := context.WithValue(context.Background(), "user_address", "injected")
if got := UserAddress(ctx); got != "" {
t.Fatalf("expected empty address (bare string key must not collide), got %q", got)
}
}
func TestErrMissingAuthorizationIsSentinel(t *testing.T) {
if ErrMissingAuthorization == nil {
t.Fatal("ErrMissingAuthorization must not be nil")
}
wrapped := errors.New("wrapped: " + ErrMissingAuthorization.Error())
if errors.Is(wrapped, ErrMissingAuthorization) {
t.Fatal("string-wrapped error must not satisfy errors.Is (smoke check)")
}
if !errors.Is(ErrMissingAuthorization, ErrMissingAuthorization) {
t.Fatal("ErrMissingAuthorization must satisfy errors.Is against itself")
}
}

8
backend/api/rest/features.go
View File

@@ -4,7 +4,6 @@ import (
"encoding/json"
"net/http"
"github.com/explorer/backend/api/middleware"
"github.com/explorer/backend/featureflags"
)
@@ -17,8 +16,11 @@ func (s *Server) handleFeatures(w http.ResponseWriter, r *http.Request) {
}
// Extract user track from context (set by auth middleware)
// Default to Track 1 (public) if not authenticated (handled by helper).
userTrack := middleware.UserTrack(r.Context())
// Default to Track 1 (public) if not authenticated
userTrack := 1
if track, ok := r.Context().Value("user_track").(int); ok {
userTrack = track
}
// Get enabled features for this track
enabledFeatures := featureflags.GetEnabledFeatures(userTrack)

3
backend/api/track4/endpoints.go
View File

@@ -12,7 +12,6 @@ import (
"strings"
"time"
"github.com/explorer/backend/api/middleware"
"github.com/explorer/backend/auth"
"github.com/jackc/pgx/v5/pgxpool"
)
@@ -186,7 +185,7 @@ func (s *Server) requireOperatorAccess(w http.ResponseWriter, r *http.Request) (
return "", "", false
}
operatorAddr := middleware.UserAddress(r.Context())
operatorAddr, _ := r.Context().Value("user_address").(string)
operatorAddr = strings.TrimSpace(operatorAddr)
if operatorAddr == "" {
writeError(w, http.StatusUnauthorized, "unauthorized", "Operator address required")

4
backend/api/track4/operator_scripts.go
View File

@@ -13,8 +13,6 @@ import (
"path/filepath"
"strings"
"time"
"github.com/explorer/backend/api/middleware"
)
type runScriptRequest struct {
@@ -69,7 +67,7 @@ func (s *Server) HandleRunScript(w http.ResponseWriter, r *http.Request) {
return
}
operatorAddr := middleware.UserAddress(r.Context())
operatorAddr, _ := r.Context().Value("user_address").(string)
if operatorAddr == "" {
writeError(w, http.StatusUnauthorized, "unauthorized", "Operator address required")
return

9
backend/api/track4/operator_scripts_test.go
View File

@@ -11,7 +11,6 @@ import (
"net/http"
"net/http/httptest"
"github.com/explorer/backend/api/middleware"
"github.com/stretchr/testify/require"
)
@@ -46,7 +45,7 @@ func TestHandleRunScriptUsesForwardedClientIPAndRunsAllowlistedScript(t *testing
reqBody := []byte(`{"script":"echo.sh","args":["world"]}`)
req := httptest.NewRequest(http.MethodPost, "/api/v1/track4/operator/run-script", bytes.NewReader(reqBody))
req = req.WithContext(middleware.ContextWithAuth(req.Context(), "0x4A666F96fC8764181194447A7dFdb7d471b301C8", 4, true))
req = req.WithContext(context.WithValue(req.Context(), "user_address", "0x4A666F96fC8764181194447A7dFdb7d471b301C8"))
req.RemoteAddr = "10.0.0.10:8080"
req.Header.Set("X-Forwarded-For", "203.0.113.9, 10.0.0.10")
w := httptest.NewRecorder()
@@ -78,7 +77,7 @@ func TestHandleRunScriptRejectsNonAllowlistedScript(t *testing.T) {
s := &Server{roleMgr: &stubRoleManager{allowed: true}, chainID: 138}
req := httptest.NewRequest(http.MethodPost, "/api/v1/track4/operator/run-script", bytes.NewReader([]byte(`{"script":"blocked.sh"}`)))
req = req.WithContext(middleware.ContextWithAuth(req.Context(), "0x4A666F96fC8764181194447A7dFdb7d471b301C8", 4, true))
req = req.WithContext(context.WithValue(req.Context(), "user_address", "0x4A666F96fC8764181194447A7dFdb7d471b301C8"))
req.RemoteAddr = "127.0.0.1:9999"
w := httptest.NewRecorder()
@@ -101,7 +100,7 @@ func TestHandleRunScriptRejectsFilenameCollisionOutsideAllowlistedPath(t *testin
s := &Server{roleMgr: &stubRoleManager{allowed: true}, chainID: 138}
req := httptest.NewRequest(http.MethodPost, "/api/v1/track4/operator/run-script", bytes.NewReader([]byte(`{"script":"unsafe/backup.sh"}`)))
req = req.WithContext(middleware.ContextWithAuth(req.Context(), "0x4A666F96fC8764181194447A7dFdb7d471b301C8", 4, true))
req = req.WithContext(context.WithValue(req.Context(), "user_address", "0x4A666F96fC8764181194447A7dFdb7d471b301C8"))
req.RemoteAddr = "127.0.0.1:9999"
w := httptest.NewRecorder()
@@ -123,7 +122,7 @@ func TestHandleRunScriptTruncatesLargeOutput(t *testing.T) {
s := &Server{roleMgr: &stubRoleManager{allowed: true}, chainID: 138}
req := httptest.NewRequest(http.MethodPost, "/api/v1/track4/operator/run-script", bytes.NewReader([]byte(`{"script":"large.sh"}`)))
req = req.WithContext(middleware.ContextWithAuth(req.Context(), "0x4A666F96fC8764181194447A7dFdb7d471b301C8", 4, true))
req = req.WithContext(context.WithValue(req.Context(), "user_address", "0x4A666F96fC8764181194447A7dFdb7d471b301C8"))
req.RemoteAddr = "127.0.0.1:9999"
w := httptest.NewRecorder()

3
frontend/next-env.d.ts vendored
View File

@@ -1,6 +1,5 @@
/// <reference types="next" />
/// <reference types="next/image-types/global" />
/// <reference types="next/navigation-types/compat/navigation" />
// NOTE: This file should not be edited
// see https://nextjs.org/docs/app/building-your-application/configuring/typescript for more information.
// see https://nextjs.org/docs/pages/building-your-application/configuring/typescript for more information.

6
frontend/package.json
View File

@@ -2,7 +2,11 @@
"name": "explorer-frontend",
"version": "1.0.0",
"private": true,
"packageManager": "pnpm@10.0.0",
"packageManager": "npm@10.8.2",
"engines": {
"node": ">=20.0.0 <21.0.0",
"npm": ">=10.0.0"
},
"scripts": {
"dev": "sh -c 'HOST=${HOST:-127.0.0.1}; PORT=${PORT:-3000}; next dev -H \"$HOST\" -p \"$PORT\"'",
"build": "next build",

2
frontend/src/pages/_app.tsx
View File

@@ -1,5 +1,5 @@
import type { AppProps } from 'next/app'
import '../app/globals.css'
import '../styles/globals.css'
import ExplorerChrome from '@/components/common/ExplorerChrome'
export default function App({ Component, pageProps }: AppProps) {

0
frontend/src/app/globals.css → frontend/src/styles/globals.css
View File

2
frontend/tailwind.config.js
View File

@@ -1,9 +1,9 @@
/** @type {import('tailwindcss').Config} */
module.exports = {
content: [
'./src/app/**/*.{js,ts,jsx,tsx,mdx}',
'./src/pages/**/*.{js,ts,jsx,tsx,mdx}',
'./src/components/**/*.{js,ts,jsx,tsx,mdx}',
'./src/styles/**/*.css',
],
theme: {
extend: {