Added basic frontend (#1)

Reviewed-on: wrenn/sandbox#1 Co-authored-by: pptx704 <rafeed@omukk.dev> Co-committed-by: pptx704 <rafeed@omukk.dev>
2026-03-22 19:01:38 +00:00
parent 866f3ac012
commit 97292ba0bf
76 changed files with 5770 additions and 683 deletions
--- a/internal/api/server.go
+++ b/internal/api/server.go
@ -49,14 +49,11 @@ func New(queries *db.Queries, agent hostagentv1connect.HostAgentServiceClient, p
 	r.Get("/openapi.yaml", serveOpenAPI)
 	r.Get("/docs", serveDocs)

-	// Test UI for sandbox lifecycle management.
-	r.Get("/test", serveTestUI)
-
 	// Unauthenticated auth endpoints.
 	r.Post("/v1/auth/signup", authH.Signup)
 	r.Post("/v1/auth/login", authH.Login)
-	r.Get("/v1/auth/oauth/{provider}", oauthH.Redirect)
-	r.Get("/v1/auth/oauth/{provider}/callback", oauthH.Callback)
+	r.Get("/auth/oauth/{provider}", oauthH.Redirect)
+	r.Get("/auth/oauth/{provider}/callback", oauthH.Callback)

 	// JWT-authenticated: API key management.
 	r.Route("/v1/api-keys", func(r chi.Router) {
@ -66,9 +63,9 @@ func New(queries *db.Queries, agent hostagentv1connect.HostAgentServiceClient, p
 		r.Delete("/{id}", apiKeys.Delete)
 	})

-	// API-key-authenticated: sandbox lifecycle.
+	// Sandbox lifecycle: accepts API key or JWT bearer token.
 	r.Route("/v1/sandboxes", func(r chi.Router) {
-		r.Use(requireAPIKey(queries))
+		r.Use(requireAPIKeyOrJWT(queries, jwtSecret))
 		r.Post("/", sandbox.Create)
 		r.Get("/", sandbox.List)

@ -87,9 +84,9 @@ func New(queries *db.Queries, agent hostagentv1connect.HostAgentServiceClient, p
 		})
 	})

-	// API-key-authenticated: snapshot / template management.
+	// Snapshot / template management: accepts API key or JWT bearer token.
 	r.Route("/v1/snapshots", func(r chi.Router) {
-		r.Use(requireAPIKey(queries))
+		r.Use(requireAPIKeyOrJWT(queries, jwtSecret))
 		r.Post("/", snapshots.Create)
 		r.Get("/", snapshots.List)
 		r.Delete("/{name}", snapshots.Delete)
@ -127,12 +124,6 @@ func (s *Server) Handler() http.Handler {
 	return s.router
 }

-// Router returns the underlying chi router so additional routes (e.g. dashboard)
-// can be mounted on it.
-func (s *Server) Router() chi.Router {
-	return s.router
-}
-
 func serveOpenAPI(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Type", "application/yaml")
 	_, _ = w.Write(openapiYAML)