giteaadmin/ai-teacher
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add simple auth

Browse Source
This commit is contained in:
Adrien
2026-04-06 14:29:53 +02:00
parent e5d53b4e80
commit 0cf318f0a7
21 changed files with 1083 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files
specs/003-basic-login/plan.md
+76
View File
@@ -0,0 +1,76 @@
# Implementation Plan: Basic Login Protection
**Branch**: `003-basic-login` | **Date**: 2026-04-06 | **Spec**: [spec.md](./spec.md)
**Input**: Feature specification from `/specs/003-basic-login/spec.md`
## Summary
Add a login page to the Vue frontend so users must enter a username and password before accessing any route. The backend already has Spring Security with HTTP Basic Auth fully configured; credentials are validated on every API call. The implementation introduces a Pinia auth store that holds the entered credentials in `sessionStorage`, an axios interceptor that injects them on every request, a `/login` route with a login form, router guards that redirect unauthenticated users, and a logout button in the navbar. A lightweight `/api/v1/auth/check` endpoint is added to the backend to allow the frontend to verify credentials without side effects. Username is made configurable in the backend (currently hardcoded as "neurosurgeon").
## Technical Context
**Language/Version**: Java 21 (backend) / TypeScript + Node 20 (frontend)
**Primary Dependencies**: Spring Boot 4.0.5, Spring Security (already included), Vue 3.4, Vue Router 4.3, Pinia 2.1, Axios 1.7
**Storage**: No new storage — credentials held in browser `sessionStorage` (frontend only)
**Testing**: Spring Boot Test (backend), Vitest (not yet set up — out of scope for this feature)
**Target Platform**: Web (SPA + REST API)
**Project Type**: Web application (backend API + Vue frontend client)
**Performance Goals**: Login response within 1 second under normal load
**Constraints**: No new backend dependencies; no database changes; must not break existing API surface
**Scale/Scope**: Small team (POC), single user role
## Constitution Check
*GATE: Must pass before Phase 0 research. Re-check after Phase 1 design.*
| Principle | Status | Notes |
|-----------|--------|-------|
| I. KISS | PASS | HTTP Basic Auth is reused; no new auth protocol, no new dependencies. Frontend uses sessionStorage — no JWT, no refresh tokens. |
| II. Easy to Change | PASS | Auth store is a single Pinia store; swapping the auth mechanism later only requires updating the store and the SecurityConfig. |
| III. Web-First | PASS | Backend exposes REST endpoint; frontend is standalone SPA client. No server-side rendering added. |
| IV. Documentation as Architecture | PASS | README must be updated to show the login flow in the architecture diagram (same PR). |
| Technology Constraints | PASS | Still two deployable units (backend + frontend). No new service added. |
## Project Structure
### Documentation (this feature)
```text
specs/003-basic-login/
├── plan.md # This file
├── research.md # Phase 0 output
├── data-model.md # Phase 1 output
├── quickstart.md # Phase 1 output
├── contracts/ # Phase 1 output
│ └── auth.md
└── tasks.md # Phase 2 output (/speckit.tasks — NOT created by /speckit.plan)
```
### Source Code (repository root)
```text
backend/
├── src/main/java/com/aiteacher/
│ ├── config/
│ │ └── SecurityConfig.java # MODIFY: make username configurable
│ └── auth/
│ └── AuthController.java # ADD: GET /api/v1/auth/check endpoint
frontend/
├── src/
│ ├── stores/
│ │ └── authStore.ts # ADD: Pinia store for credentials + session
│ ├── views/
│ │ └── LoginView.vue # ADD: login form UI
│ ├── services/
│ │ └── api.ts # MODIFY: read credentials from authStore
│ ├── router/
│ │ └── index.ts # MODIFY: add /login route + navigation guard
│ └── App.vue # MODIFY: add logout button to navbar
```
**Structure Decision**: Option 2 (web application). Existing `backend/` and `frontend/` layout used; no new projects or packages.
## Complexity Tracking
> No constitution violations. Table left empty.