AgileWebs/waiter-floor-web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(web): merge protected session mvp updates

Browse Source
This commit is contained in:
José René White Enciso 2026-03-08 17:18:33 -06:00
commit 46aabd9927
9 changed files with 499 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
docs/architecture/frontend-boundary.md
View File

@ -4,6 +4,18 @@
- Frontend data access flows through `src/api/*` adapter modules. - Frontend data access flows through `src/api/*` adapter modules.
- The UI does not access DAL or internal services directly. - The UI does not access DAL or internal services directly.
- Route shell and protected sections are session-aware via Thalos session endpoints. - Route shell and protected sections are session-aware via Thalos session endpoints.
- Runtime base URLs:
- `API_BASE_URL` for business BFF calls. ## Runtime Base URLs
- `THALOS_AUTH_BASE_URL` for session login/refresh/logout/me.
- `API_BASE_URL` for business BFF calls.
- `THALOS_AUTH_BASE_URL` for session login/refresh/logout/me.
## Protected Workflow Endpoints
- `GET /api/waiter/floor/assignments?contextId=...`
- `POST /api/waiter/floor/orders`
## UI Workflow Coverage
- Waiter assignment lookup
- Floor order submission

6
docs/runbooks/testing.md
View File

@ -14,9 +14,9 @@ npm run test:ci
## Coverage Scope ## Coverage Scope
- `src/api/client.test.ts`: runtime-config precedence and fallback behavior - `src/api/client.test.ts`: runtime-config precedence and fallback behavior.
- `src/api/dashboardApi.test.ts`: endpoint path/query contract generation - `src/api/dashboardApi.test.ts`: endpoint path/query composition and payload mapping.
- `src/App.test.tsx`: render baseline and mocked load flow - `src/App.test.tsx`: protected-route render and workflow trigger behavior.
## Notes ## Notes

64
src/App.test.tsx
View File

@ -1,31 +1,61 @@
import { fireEvent, render, screen, waitFor } from '@testing-library/react'; import { fireEvent, render, screen, waitFor } from '@testing-library/react';
import { describe, expect, it, vi } from 'vitest'; import { beforeEach, describe, expect, it, vi } from 'vitest';
vi.mock('./api/dashboardApi', () => ({ vi.mock('./api/sessionApi', () => ({
loadDashboard: vi.fn() getSessionMe: vi.fn(),
loginSession: vi.fn(),
refreshSession: vi.fn(),
logoutSession: vi.fn()
})); }));
import { loadDashboard } from './api/dashboardApi'; vi.mock('./api/dashboardApi', () => ({
loadDashboard: vi.fn(),
submitFloorOrder: vi.fn()
}));
import { loadDashboard, submitFloorOrder } from './api/dashboardApi';
import { getSessionMe } from './api/sessionApi';
import App from './App'; import App from './App';
describe('App', () => { describe('Waiter Floor App', () => {
it('renders baseline page', () => { beforeEach(() => {
render(<App />); vi.mocked(loadDashboard).mockReset();
vi.mocked(submitFloorOrder).mockReset();
expect(screen.getByRole('heading', { name: 'Waiter Floor Web' })).toBeInTheDocument(); vi.mocked(getSessionMe).mockReset();
expect(screen.getByRole('button', { name: 'Load' })).toBeInTheDocument();
}); });
it('loads dashboard data when user clicks load', async () => { it('loads assignments for authenticated users', async () => {
vi.mocked(loadDashboard).mockResolvedValue({ summary: 'ok' }); vi.mocked(getSessionMe).mockResolvedValue({
isAuthenticated: true,
subjectId: 'demo-user',
tenantId: 'demo-tenant',
provider: 0
});
vi.mocked(loadDashboard).mockResolvedValue({ contextId: 'demo-context', summary: 'assigned' });
render(<App />); render(<App />);
fireEvent.change(screen.getByRole('textbox'), { target: { value: 'ctx stage28' } }); await waitFor(() => expect(screen.getByRole('button', { name: 'Load Assignments' })).toBeInTheDocument());
fireEvent.click(screen.getByRole('button', { name: 'Load' })); fireEvent.click(screen.getByRole('button', { name: 'Load Assignments' }));
await waitFor(() => { await waitFor(() => expect(loadDashboard).toHaveBeenCalledWith('demo-context'));
expect(loadDashboard).toHaveBeenCalledWith('ctx stage28');
expect(screen.getByText(/summary/)).toBeInTheDocument();
}); });
it('submits floor orders from action route', async () => {
vi.mocked(getSessionMe).mockResolvedValue({
isAuthenticated: true,
subjectId: 'demo-user',
tenantId: 'demo-tenant',
provider: 0
});
vi.mocked(submitFloorOrder).mockResolvedValue({ orderId: 'ORD-1001', accepted: true, message: 'ok' });
render(<App />);
await waitFor(() => expect(screen.getByRole('button', { name: 'Submit Order' })).toBeInTheDocument());
fireEvent.click(screen.getByRole('button', { name: 'Submit Order' }));
fireEvent.click(screen.getByRole('button', { name: 'Submit Floor Order' }));
await waitFor(() => expect(submitFloorOrder).toHaveBeenCalledTimes(1));
}); });
}); });

243
src/App.tsx
View File

@ -1,41 +1,258 @@
import { useState } from 'react'; import { useState } from 'react';
import { loadDashboard } from './api/dashboardApi'; import {
loadDashboard,
submitFloorOrder,
type SubmitFloorOrderRequest,
type SubmitFloorOrderResponse,
type WaiterAssignmentsResponse
} from './api/dashboardApi';
import { SessionProvider, useSessionContext } from './auth/sessionContext';
import type { IdentityProvider } from './api/sessionApi';
type RouteKey = 'overview' | 'actions';
function App() { function App() {
return (
<SessionProvider>
<WaiterFloorShell />
</SessionProvider>
);
}
function WaiterFloorShell() {
const session = useSessionContext();
const [route, setRoute] = useState<RouteKey>('overview');
const [contextId, setContextId] = useState('demo-context'); const [contextId, setContextId] = useState('demo-context');
const [payload, setPayload] = useState<unknown>(null); const [assignments, setAssignments] = useState<WaiterAssignmentsResponse | null>(null);
const [orderRequest, setOrderRequest] = useState<SubmitFloorOrderRequest>({
contextId: 'demo-context',
tableId: 'T-12',
orderId: 'ORD-1001',
itemCount: 3
});
const [orderResponse, setOrderResponse] = useState<SubmitFloorOrderResponse | null>(null);
const [error, setError] = useState<string | null>(null); const [error, setError] = useState<string | null>(null);
const [loading, setLoading] = useState(false); const [loading, setLoading] = useState(false);
const onLoad = async (): Promise<void> => { const loadAssignments = async () => {
setLoading(true); setLoading(true);
setError(null); setError(null);
try { try {
const response = await loadDashboard(contextId); const payload = await loadDashboard(contextId);
setPayload(response); setAssignments(payload);
setOrderRequest((previous) => ({ ...previous, contextId }));
} catch (err) { } catch (err) {
const message = err instanceof Error ? err.message : 'Unknown request error'; setError(err instanceof Error ? err.message : 'Failed to load waiter assignments.');
setError(message);
setPayload(null);
} finally { } finally {
setLoading(false); setLoading(false);
} }
}; };
const submitOrder = async () => {
setLoading(true);
setError(null);
try {
const payload = await submitFloorOrder(orderRequest);
setOrderResponse(payload);
} catch (err) {
setError(err instanceof Error ? err.message : 'Failed to submit floor order.');
} finally {
setLoading(false);
}
};
if (session.status === 'loading') {
return ( return (
<main className="app"> <main className="app">
<h1>Waiter Floor Web</h1> <h1>Waiter Floor Web</h1>
<p>React baseline wired to its corresponding BFF via an API adapter module.</p> <p className="muted">Restoring session...</p>
</main>
);
}
if (session.status !== 'authenticated' || !session.profile) {
return (
<main className="app">
<h1>Waiter Floor Web</h1>
<p className="muted">Sign in with Thalos to access protected routes.</p>
{session.error && <div className="alert">{session.error}</div>}
<LoginCard />
</main>
);
}
return (
<main className="app">
<h1>Waiter Floor Web</h1>
<p className="muted">Assignments and order submission MVP for floor operations.</p>
<section className="card row">
<span className="badge">subject: {session.profile.subjectId}</span>
<span className="badge">tenant: {session.profile.tenantId}</span>
<span className="badge">provider: {providerLabel(session.profile.provider)}</span>
<span className="spacer" />
<button type="button" className="secondary" onClick={() => void session.refresh()}>
Refresh Session
</button>
<button type="button" className="warn" onClick={() => void session.logout()}>
Logout
</button>
</section>
<section className="card tabs" aria-label="route-shell">
<button
type="button"
className={route === 'overview' ? 'active' : undefined}
onClick={() => setRoute('overview')}
>
Assignments
</button>
<button
type="button"
className={route === 'actions' ? 'active' : undefined}
onClick={() => setRoute('actions')}
>
Submit Order
</button>
</section>
{session.error && <div className="alert">{session.error}</div>}
{error && <div className="alert">{error}</div>}
{route === 'overview' && (
<section className="card col">
<div className="row"> <div className="row">
<label className="col">
Context Id
<input value={contextId} onChange={(event) => setContextId(event.target.value)} /> <input value={contextId} onChange={(event) => setContextId(event.target.value)} />
<button type="button" onClick={onLoad} disabled={loading}> </label>
{loading ? 'Loading...' : 'Load'} <button type="button" onClick={() => void loadAssignments()} disabled={loading}>
{loading ? 'Loading...' : 'Load Assignments'}
</button> </button>
</div> </div>
{error && <p>{error}</p>} <pre>{JSON.stringify(assignments, null, 2)}</pre>
<pre>{JSON.stringify(payload, null, 2)}</pre> </section>
)}
{route === 'actions' && (
<section className="card col">
<div className="grid">
<label className="col">
Context Id
<input
value={orderRequest.contextId}
onChange={(event) => setOrderRequest((previous) => ({ ...previous, contextId: event.target.value }))}
/>
</label>
<label className="col">
Table Id
<input
value={orderRequest.tableId}
onChange={(event) => setOrderRequest((previous) => ({ ...previous, tableId: event.target.value }))}
/>
</label>
<label className="col">
Order Id
<input
value={orderRequest.orderId}
onChange={(event) => setOrderRequest((previous) => ({ ...previous, orderId: event.target.value }))}
/>
</label>
<label className="col">
Item Count
<input
type="number"
min={1}
value={orderRequest.itemCount}
onChange={(event) =>
setOrderRequest((previous) => ({
...previous,
itemCount: Math.max(1, Number(event.target.value) || 1)
}))
}
/>
</label>
</div>
<button type="button" onClick={() => void submitOrder()} disabled={loading}>
{loading ? 'Submitting...' : 'Submit Floor Order'}
</button>
<pre>{JSON.stringify(orderResponse, null, 2)}</pre>
</section>
)}
</main> </main>
); );
} }
function LoginCard() {
const session = useSessionContext();
const [subjectId, setSubjectId] = useState('demo-user');
const [tenantId, setTenantId] = useState('demo-tenant');
const [provider, setProvider] = useState<IdentityProvider>(0);
const [externalToken, setExternalToken] = useState('');
const [error, setError] = useState<string | null>(null);
const [submitting, setSubmitting] = useState(false);
const onSubmit = async () => {
setSubmitting(true);
setError(null);
try {
await session.login({ subjectId, tenantId, provider, externalToken });
} catch (err) {
setError(err instanceof Error ? err.message : 'Login failed.');
} finally {
setSubmitting(false);
}
};
return (
<section className="card col">
<div className="grid">
<label className="col">
Subject Id
<input value={subjectId} onChange={(event) => setSubjectId(event.target.value)} />
</label>
<label className="col">
Tenant Id
<input value={tenantId} onChange={(event) => setTenantId(event.target.value)} />
</label>
<label className="col">
Provider
<select value={String(provider)} onChange={(event) => setProvider(Number(event.target.value) as IdentityProvider)}>
<option value="0">Internal JWT</option>
<option value="1">Azure AD (simulated)</option>
<option value="2">Google (simulated)</option>
</select>
</label>
</div>
<label className="col">
External Token (optional)
<input value={externalToken} onChange={(event) => setExternalToken(event.target.value)} />
</label>
<button type="button" onClick={() => void onSubmit()} disabled={submitting}>
{submitting ? 'Signing In...' : 'Sign In'}
</button>
{error && <div className="alert">{error}</div>}
</section>
);
}
function providerLabel(provider: IdentityProvider): string {
if (provider === 0 || provider === '0' || provider === 'InternalJwt') {
return 'Internal JWT';
}
if (provider === 1 || provider === '1' || provider === 'AzureAd') {
return 'Azure AD';
}
if (provider === 2 || provider === '2' || provider === 'Google') {
return 'Google';
}
return String(provider);
}
export default App; export default App;

33
src/api/dashboardApi.test.ts
View File

@ -1,18 +1,37 @@
import { describe, expect, it, vi } from 'vitest'; import { describe, expect, it, vi } from 'vitest';
vi.mock('./client', () => ({ vi.mock('./client', () => ({
getJson: vi.fn() getJson: vi.fn(),
postJson: vi.fn()
})); }));
import { getJson } from './client'; import { getJson, postJson } from './client';
import { loadDashboard } from './dashboardApi'; import { loadDashboard, submitFloorOrder } from './dashboardApi';
describe('loadDashboard', () => { describe('waiter floor dashboard api', () => {
it('builds encoded endpoint path and delegates to getJson', async () => { it('builds encoded assignments endpoint path', async () => {
vi.mocked(getJson).mockResolvedValue({ ok: true }); vi.mocked(getJson).mockResolvedValue({ ok: true });
await loadDashboard('demo context/1'); await loadDashboard('ctx floor/1');
expect(getJson).toHaveBeenCalledWith('/api/waiter/floor/assignments?contextId=demo%20context%2F1'); expect(getJson).toHaveBeenCalledWith('/api/waiter/floor/assignments?contextId=ctx%20floor%2F1');
});
it('posts floor order payload', async () => {
vi.mocked(postJson).mockResolvedValue({ accepted: true });
await submitFloorOrder({
contextId: 'ctx',
tableId: 'T-1',
orderId: 'ORD-1',
itemCount: 2
});
expect(postJson).toHaveBeenCalledWith('/api/waiter/floor/orders', {
contextId: 'ctx',
tableId: 'T-1',
orderId: 'ORD-1',
itemCount: 2
});
}); });
}); });

28
src/api/dashboardApi.ts
View File

@ -1,5 +1,27 @@
import { getJson } from './client'; import { getJson, postJson } from './client';
export async function loadDashboard(contextId: string): Promise<unknown> { export type WaiterAssignmentsResponse = {
return getJson(`/api/waiter/floor/assignments?contextId=${encodeURIComponent(contextId)}`); contextId: string;
summary: string;
};
export type SubmitFloorOrderRequest = {
contextId: string;
tableId: string;
orderId: string;
itemCount: number;
};
export type SubmitFloorOrderResponse = {
orderId: string;
accepted: boolean;
message: string;
};
export async function loadDashboard(contextId: string): Promise<WaiterAssignmentsResponse> {
return getJson<WaiterAssignmentsResponse>(`/api/waiter/floor/assignments?contextId=${encodeURIComponent(contextId)}`);
}
export async function submitFloorOrder(request: SubmitFloorOrderRequest): Promise<SubmitFloorOrderResponse> {
return postJson<SubmitFloorOrderResponse>('/api/waiter/floor/orders', request);
} }

8
src/api/sessionApi.ts
View File

@ -1,24 +1,26 @@
import { getJson, getThalosAuthBaseUrl, postJson, postNoContent } from './client'; import { getJson, getThalosAuthBaseUrl, postJson, postNoContent } from './client';
export type IdentityProvider = 0 | 1 | 2 | string | number;
export type SessionProfile = { export type SessionProfile = {
isAuthenticated: boolean; isAuthenticated: boolean;
subjectId: string; subjectId: string;
tenantId: string; tenantId: string;
provider: string; provider: IdentityProvider;
}; };
export type SessionLoginRequest = { export type SessionLoginRequest = {
subjectId: string; subjectId: string;
tenantId: string; tenantId: string;
correlationId: string; correlationId: string;
provider: string; provider: IdentityProvider;
externalToken: string; externalToken: string;
}; };
export type SessionLoginResponse = { export type SessionLoginResponse = {
subjectId: string; subjectId: string;
tenantId: string; tenantId: string;
provider: string; provider: IdentityProvider;
expiresInSeconds: number; expiresInSeconds: number;
}; };

120
src/auth/sessionContext.tsx Normal file
View File

@ -0,0 +1,120 @@
import { createContext, type PropsWithChildren, useCallback, useContext, useEffect, useMemo, useState } from 'react';
import { ApiError } from '../api/client';
import {
getSessionMe,
loginSession,
logoutSession,
refreshSession,
type SessionLoginRequest,
type SessionProfile
} from '../api/sessionApi';
export type SessionStatus = 'loading' | 'authenticated' | 'unauthenticated';
type SessionContextValue = {
status: SessionStatus;
profile: SessionProfile | null;
error: string | null;
login: (request: Omit<SessionLoginRequest, 'correlationId'> & { correlationId?: string }) => Promise<void>;
refresh: () => Promise<void>;
logout: () => Promise<void>;
revalidate: () => Promise<void>;
};
const SessionContext = createContext<SessionContextValue | undefined>(undefined);
export function SessionProvider({ children }: PropsWithChildren) {
const [status, setStatus] = useState<SessionStatus>('loading');
const [profile, setProfile] = useState<SessionProfile | null>(null);
const [error, setError] = useState<string | null>(null);
const revalidate = useCallback(async () => {
try {
const me = await getSessionMe();
if (me.isAuthenticated) {
setProfile(me);
setStatus('authenticated');
} else {
setProfile(null);
setStatus('unauthenticated');
}
setError(null);
} catch (err) {
if (err instanceof ApiError && err.status === 401) {
setProfile(null);
setStatus('unauthenticated');
setError(null);
return;
}
const message = err instanceof Error ? err.message : 'Session validation failed.';
setProfile(null);
setStatus('unauthenticated');
setError(message);
}
}, []);
useEffect(() => {
void revalidate();
}, [revalidate]);
const login = useCallback<SessionContextValue['login']>(
async (request) => {
setError(null);
await loginSession({
...request,
correlationId: request.correlationId && request.correlationId.length > 0 ? request.correlationId : createCorrelationId()
});
await revalidate();
},
[revalidate]
);
const refresh = useCallback(async () => {
setError(null);
await refreshSession();
await revalidate();
}, [revalidate]);
const logout = useCallback(async () => {
setError(null);
try {
await logoutSession();
} finally {
setProfile(null);
setStatus('unauthenticated');
}
}, []);
const value = useMemo<SessionContextValue>(
() => ({
status,
profile,
error,
login,
refresh,
logout,
revalidate
}),
[status, profile, error, login, refresh, logout, revalidate]
);
return <SessionContext.Provider value={value}>{children}</SessionContext.Provider>;
}
export function useSessionContext(): SessionContextValue {
const value = useContext(SessionContext);
if (!value) {
throw new Error('useSessionContext must be used within SessionProvider.');
}
return value;
}
function createCorrelationId(): string {
if (typeof crypto !== 'undefined' && typeof crypto.randomUUID === 'function') {
return crypto.randomUUID();
}
return `corr-${Date.now()}-${Math.random().toString(16).slice(2)}`;
}

25
src/styles.css
View File

@ -77,6 +77,11 @@ button.warn {
background: #b91c1c; background: #b91c1c;
} }
button.ghost {
background: #e2e8f0;
color: #0f172a;
}
button:disabled { button:disabled {
cursor: not-allowed; cursor: not-allowed;
opacity: 0.6; opacity: 0.6;
@ -110,6 +115,26 @@ button:disabled {
font-weight: 600; font-weight: 600;
} }
.tabs {
display: flex;
gap: 0.5rem;
flex-wrap: wrap;
}
.tabs button {
background: #dbeafe;
color: #1e3a8a;
}
.tabs button.active {
background: #1d4ed8;
color: #ffffff;
}
.spacer {
flex: 1;
}
pre { pre {
margin: 0; margin: 0;
background: #0f172a; background: #0f172a;