mirror of
https://github.com/tiennm99/ccs.git
synced 2026-07-16 14:16:43 +00:00
Adds a read-only dashboard surface for the codex-auth profile registry. Power users can see which profile is active and its decoded email/plan without leaving the browser; mutations stay CLI-only. - codex-auth-dashboard-service: builds the response shape (active + default + profiles[]), reads each profile's auth.json, decodes id_token via Phase 1 decoder (nested URI claims per C1), 5s in-memory single-key cache plus exported invalidateCodexAuthProfilesCache() hook for in-process Phase 2 callers (D7); strict field whitelist — id_token / access_token / refresh_token NEVER appear in response body or logs - GET /api/codex/profiles registered INSIDE the requireLocalAccessWhenAuthDisabled middleware (H6) — emails are PII and must not leak when dashboard is exposed remotely; integration test asserts 403 from non-localhost origin - NEW Auth Profiles tab (D5) in ui/src/pages/codex.tsx — distinct from the existing codex-profiles-card (which edits config.toml [profiles], a different concept); active profile + email + plan tier highlighted, table of all profiles below, disabled Switch/Remove buttons redirect to terminal commands - accountId returned by API for power users (curl) but hidden from the default UI (D6) - 11 service unit tests + 4 endpoint integration tests, all green