Commit Graph

15 Commits

Author SHA1 Message Date
Daniel Harvey 4351302a25 Flip ITrackService/TrackManager to DTO output; TrackConverter is the sole entity<->DTO path across all consumers 2026-05-25 11:35:04 -04:00
Daniel Harvey 551cef0fe8 DeepDrftAPI Rename 2026-05-25 10:38:36 -04:00
Daniel Harvey 98b2c8d744 Manager Cleanup 2026-05-25 10:17:21 -04:00
Daniel Harvey d9e4052e39 fix: review remediation — _busy finally block, TrackNotFoundMessage const, null-safe error log 2026-05-25 09:11:15 -04:00
Daniel Harvey f404602536 refactor: make DeepDrftContent sole authority over track SQL + vault; Manager goes HTTP-only 2026-05-25 08:46:09 -04:00
Daniel Harvey 72c33d9940 CMS -> API refactor part 1 2026-05-25 04:04:59 -04:00
Daniel Harvey 7f99479cae fix(manager): review remediation — DeleteTrackAsync dead code, TrackEdit Id long, dead @using 2026-05-24 21:14:26 -04:00
Daniel Harvey 428359b241 refactor(manager): replace internal CMS HTTP layer with direct CmsTrackService calls 2026-05-24 20:46:22 -04:00
Daniel Harvey e2a2064f7a fix(tracknew): attach bearer token to WAV upload request 2026-05-24 18:57:48 -04:00
Daniel Harvey 95772c655e fix(manager): redirect unauth nav to login instead of 401
AddAuthBlocks installs JwtBearer as the default challenge scheme; the
authorization middleware 401s unauthenticated nav requests before the
Blazor router runs. Tokens live in localStorage and are only readable
via JS interop after the SignalR circuit is live.

- Program.cs: MapRazorComponents .AllowAnonymous() so nav reaches the
  Blazor router; API surfaces (MapAuthBlocks, MapControllers) still
  enforce JWT. Fix middleware order to UseAuthentication -> UseAntiforgery
  -> UseAuthorization per Blazor Web App template.
- App.razor: InteractiveServerRenderMode(prerender:false) on Routes and
  HeadOutlet so AuthorizeRouteView evaluates after JS interop is ready;
  extract to static field (was two inline allocations per render cycle).
- CmsLayout/Pages: drop conflicting per-component @rendermode directives
  (parent now owns the render mode).
- Routes.razor: break authenticated-but-wrong-role redirect loop; split
  NotAuthorized into unauthenticated -> RedirectToLogin and
  authenticated-wrong-role -> RedirectToAccessDenied (new component).
- Pages/Index.razor: deleted — NavigateTo('/cms') was unreachable for
  unauthenticated users and racey for authorized ones.
2026-05-24 18:29:07 -04:00
Daniel Harvey e73b3c3218 chore(manager): upgrade AuthBlocks to 10.3.33; migrate ITokenService → IAuthSession, SystemRoleConstants, hoist usings to _Imports 2026-05-22 23:33:25 -04:00
Daniel Harvey fc49a65824 fix(cms): use SystemRoleConstants.Admin in /cms page auth 2026-05-21 21:32:35 -04:00
Daniel Harvey 710705415a move DeleteTrackDialog to Shared/, drop redundant usings 2026-05-21 20:44:32 -04:00
Daniel Harvey ce1cbccad5 inline DeepDrftCms RCL into DeepDrftManager and delete the project 2026-05-21 20:36:00 -04:00
Daniel Harvey 82ff20404c fix(postmerge): guard DeepDrftMenu SSR hang, add Manager root redirect, add Manager styles link 2026-05-20 15:29:40 -04:00