feat(split): strip AuthBlocks from DeepDrftWeb; move CMS controllers to DeepDrftManager

Public host is now auth-free: no AuthBlocks, no DeepDrftCms ref, no stealth routing.
MainLayout restored to full chrome. DeepDrft.Content/.Cms HttpClients wired on Manager.
This commit is contained in:
Daniel Harvey
2026-05-19 17:01:24 -04:00
parent 840192fb79
commit 490bbbe942
19 changed files with 57 additions and 202 deletions
+23 -7
View File
@@ -81,10 +81,7 @@ builder.Services.AddAuthBlocks(options =>
var baseUrl = GetKestrelUrl(builder);
AuthBlocksWeb.Startup.ConfigureAuthServices(builder.Services, baseUrl);
// Named HttpClient used by CMS pages for delete/upload calls.
// Phase 1: points at DeepDrftWeb (https://localhost:5001) where the CMS mutation controllers
// (CmsUploadController, CmsEditController, CmsDeleteController) currently live.
// When those controllers migrate to DeepDrftManager, update ApiUrls:ApiHost to this host's URL.
// Named HttpClient used by CMS pages for auth API calls (AuthBlocks surface on this host).
var apiHostUrl = builder.Configuration["ApiUrls:ApiHost"]
?? throw new InvalidOperationException("ApiUrls:ApiHost is required");
builder.Services.AddHttpClient("DeepDrft.API", client =>
@@ -92,6 +89,25 @@ builder.Services.AddHttpClient("DeepDrft.API", client =>
client.BaseAddress = new Uri(apiHostUrl);
});
// Named HttpClient for unauthenticated Content API calls (e.g. CmsUploadController proxying WAV
// data to DeepDrftContent's POST api/track/upload). API key added per-request by the controller.
var contentApiUrl = builder.Configuration["ApiUrls:ContentApi"]
?? throw new InvalidOperationException("ApiUrls:ContentApi is required");
builder.Services.AddHttpClient("DeepDrft.Content", client =>
{
client.BaseAddress = new Uri(contentApiUrl);
});
// Named HttpClient for ApiKey-protected Content API calls (e.g. CmsDeleteController's vault
// delete). API key baked into the default request headers so callers need not add it manually.
var contentApiKey = builder.Configuration["DeepDrftContent:ApiKey"]
?? throw new InvalidOperationException("DeepDrftContent:ApiKey is required");
builder.Services.AddHttpClient("DeepDrft.Content.Cms", client =>
{
client.BaseAddress = new Uri(contentApiUrl);
client.DefaultRequestHeaders.Add("ApiKey", contentApiKey);
});
// Reverse-proxy support (nginx in production).
builder.Services.Configure<ForwardedHeadersOptions>(options =>
{
@@ -103,8 +119,8 @@ builder.Services.Configure<ForwardedHeadersOptions>(options =>
options.KnownProxies.Clear();
});
// Controllers: no-op until CMS mutation controllers migrate from DeepDrftWeb, but registered
// now so they are discovered automatically when they arrive. Matches DeepDrftWeb precedent.
// Controllers: discovers CMS mutation controllers (CmsUploadController, CmsEditController,
// CmsDeleteController) and the AuthBlocks surface. Matches DeepDrftWeb precedent.
builder.Services.AddControllers();
// InteractiveServer only — no WASM render mode on the CMS host.
@@ -152,7 +168,7 @@ app.MapStaticAssets();
// Razor pages (/account/login, /account/logout).
app.MapAuthBlocks();
// No-op today; picks up CMS mutation controllers when they migrate from DeepDrftWeb.
// Mounts CMS mutation controllers (CmsUploadController, CmsEditController, CmsDeleteController).
app.MapControllers();
app.MapRazorComponents<App>()