feat: add status badge modal and fix local dev auth bypass#29
Merged
Conversation
- Add BadgeModal component with metric dropdown (all 6 badge metrics), live shields.io preview, copyable URL/Markdown/rSt snippets, and an inline enable/disable toggle (PATCH /api/admin/projects/:id/badge) - Add "Create status badge" button to the repo detail view controls row - Fix local dev 401s: migrate wrangler.jsonc → wrangler.json, add named `dev` environment declaring DEV_BYPASS_SECRET as a required secret, update dev script to use `wrangler dev --env dev` - Simplify requireAccess() bypass: any non-empty DEV_BYPASS_SECRET skips Access JWT verification (no header match required) - Add structured logging to requireAccess() for auth debugging - Update CLAUDE.md, .dev.vars.example, and dashboard env files to reflect the new dev environment setup Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
PATCH /api/admin/projects/:id/badgewrangler.jsonc→wrangler.json, adding a nameddevenvironment that declaresDEV_BYPASS_SECRETas a required secret, and updatingnpm run devto usewrangler dev --env devrequireAccess()bypass: any non-emptyDEV_BYPASS_SECRETskips Access JWT verification (no header required), and add structured logging at each decision point for easier debuggingChanges
BadgeModal.svelte+page.sveltewrangler.jsonc→wrangler.jsonenv.devoverlay withDEV_BYPASS_SECRETrequired secret and D1 bindingpackage.jsondevscript uses--env dev; local DB scripts also pass--env devsrc/middleware/access.tsworker-configuration.d.tswrangler types—DEV_BYPASS_SECRETis now optional in base env, required inDevEnvdashboard/.env.exampleCLAUDE.mdwrangler.jsoncrefs, new "Local dev" section, corrected DB commandsFORCE_JAVASCRIPT_ACTIONS_TO_NODE24to bothaction-test.ymlanddeploy.ymlTest plan
badge_enabled = 0: notice is shown with "Enable public badge" button; clicking it enables and shows the live badgebadge_enabled = 1: checkmark + "Disable" link shown; clicking it disables and hides the previewnpm run dev(withDEV_BYPASS_SECRET=devin.dev.vars) no longer returns 401 on/api/projectswrangler deploy --dry-runpasses cleanly🤖 Generated with Claude Code