coderdojo-linz
diff --git a/‎workshop-ui/public/apple-icon.png‎
6.02 KB b/‎workshop-ui/public/apple-icon.png‎
6.02 KB
diff --git a/‎workshop-ui/public/favicon.ico‎
14.7 KB b/‎workshop-ui/public/favicon.ico‎
14.7 KB
diff --git a/‎workshop-ui/public/icon0.svg‎
Lines changed: 3 additions & 0 deletions b/‎workshop-ui/public/icon0.svg‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎workshop-ui/public/icon1.png‎
3.84 KB b/‎workshop-ui/public/icon1.png‎
3.84 KB
diff --git a/‎workshop-ui/public/manifest.json‎
Lines changed: 21 additions & 0 deletions b/‎workshop-ui/public/manifest.json‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎workshop-ui/public/web-app-manifest-192x192.png‎
7.74 KB b/‎workshop-ui/public/web-app-manifest-192x192.png‎
7.74 KB
diff --git a/‎workshop-ui/public/web-app-manifest-512x512.png‎
26 KB b/‎workshop-ui/public/web-app-manifest-512x512.png‎
26 KB
diff --git a/‎workshop-ui/src/app/api/auth/me/route.ts‎
Lines changed: 29 additions & 0 deletions b/‎workshop-ui/src/app/api/auth/me/route.ts‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎workshop-ui/src/app/api/auth/route.ts‎
Lines changed: 90 additions & 0 deletions b/‎workshop-ui/src/app/api/auth/route.ts‎
Lines changed: 90 additions & 0 deletions
diff --git a/‎workshop-ui/src/app/api/chat/route.ts‎
Lines changed: 17 additions & 2 deletions b/‎workshop-ui/src/app/api/chat/route.ts‎
Lines changed: 17 additions & 2 deletions
@@ -0,0 +1,21 @@
+{
+  "name": "CoderDojo AI Workshops",
+  "short_name": "CD AI",
+  "icons": [
+    {
+      "src": "/web-app-manifest-192x192.png",
+      "sizes": "192x192",
+      "type": "image/png",
+      "purpose": "maskable"
+    },
+    {
+      "src": "/web-app-manifest-512x512.png",
+      "sizes": "512x512",
+      "type": "image/png",
+      "purpose": "maskable"
+    }
+  ],
+  "theme_color": "#ffffff",
+  "background_color": "#ffffff",
+  "display": "standalone"
+}
@@ -0,0 +1,29 @@
+import { getAppSessionFromRequest, validateAppSession } from "@/lib/session"
+import { NextRequest, NextResponse } from "next/server"
+
+/**
+ * @route   GET /api/auth/me
+ * @desc    Get current authentication status
+ * 
+ * @access  Public
+ */
+export async function GET(request: NextRequest) {
+    // Check current authentication status
+    const response = NextResponse.json({ authenticated: false })
+
+    try {
+        const session = await getAppSessionFromRequest(request, response)
+
+        if (await validateAppSession(session)) {
+            return NextResponse.json({
+                authenticated: true,
+                workshopName: session.workshopName,
+            })
+        } else {
+            return NextResponse.json({}, { status: 401 })
+        }
+    } catch (error) {
+        console.error('Session check error:', error)
+        return NextResponse.json({}, { status: 401 })
+    }
+}
@@ -0,0 +1,90 @@
+import { NextRequest, NextResponse } from 'next/server'
+import { getAppSessionFromRequest, validateAccessCode, validateAppSession } from '@/lib/session'
+import { readWorkshops } from '@/lib/workshopService'
+import { Workshop } from '@/lib/workshop-schema'
+
+/**
+ * @route   POST /api/auth
+ * @desc    Handle login and logout actions
+ * @body    { action: 'login' | 'logout', code?: string }
+ * @response 200 { success: boolean } or 400/401 { error: string }
+ * @access  Public
+ */
+export async function POST(request: NextRequest) {
+  try {
+    const body = await request.json()
+    const { action, code } = body
+    const response = NextResponse.json({ success: true })
+
+    if (action === 'login') {
+      if (await validateAccessCode(code)) {
+        // Set session variables
+        const session = await getAppSessionFromRequest(request, response)
+        session.accessCode = code
+        session.isAuthenticated = true
+        session.recheckCode = new Date(Date.now() + 1000 * 60 * 30) // recheck code in 30 minutes
+
+        // Find a workshop associated with this access code
+        const workshops = await readWorkshops()
+        const workshop = workshops.find((w: Workshop) => w.code === code)
+        if (workshop) {
+          session.workshopName = workshop.title
+        } else {
+          session.workshopName = 'Unknown Workshop'
+        }
+        console.log(`User logged in to workshop: ${JSON.stringify(session)}`)
+        await session.save()
+
+        return response
+      } else {
+        // report invalid code to client
+        return NextResponse.json(
+          { error: 'Invalid access code' },
+          { status: 401 }
+        )
+      }
+    } else if (action === 'logout') {
+      // Clear the session
+      const session = await getAppSessionFromRequest(request, response)
+      session.destroy()
+
+      return response
+    }
+
+    return NextResponse.json(
+      { error: 'Invalid action' },
+      { status: 400 }
+    )
+  } catch (error) {
+    console.error('Auth API error:', error)
+    return NextResponse.json(
+      { error: 'Invalid request' },
+      { status: 400 }
+    )
+  }
+}
+
+/**
+ * @route   GET /api/auth
+ * @desc    Get current authentication status
+ * @response { authenticated: boolean }
+ * @access  Public
+ */
+export async function GET(request: NextRequest) {
+  // Check current authentication status
+  const response = NextResponse.json({ authenticated: false })
+
+  try {
+    const session = await getAppSessionFromRequest(request, response)
+    const isAuthenticated = await validateAppSession(session)
+
+    return NextResponse.json({
+      authenticated: isAuthenticated
+    })
+  } catch (error) {
+    console.error('Session check error:', error)
+    return NextResponse.json({
+      authenticated: false
+    })
+  }
+}
@@ -2,7 +2,7 @@ import { NextRequest, NextResponse } from 'next/server';
 import OpenAI, { AzureOpenAI } from 'openai';
 import fs from 'fs';
 import path from 'path';
-import { getSession } from '@/lib/session';
+import { getAppSessionFromRequest, getChatSession, validateAppSession } from '@/lib/session';
 import { randomUUID } from 'crypto';
 import '@/lib/files';
 import { trace, Span } from '@opentelemetry/api';
@@ -16,8 +16,23 @@ const tracer = trace.getTracer('ai-workshop-chat');
 // TODO: Persist this to a database later
 const sessionResponseMap = new Map<string, { previousResponseId: string; sessionInstanceId: string }>();
 
+/**
+ * @route   POST /api/chat
+ * @desc    Send a chat message
+ * @body    { message: string, resetConversation: boolean }
+ * @urlParam exercise: string
+ * @response 200 { response: string } or 400 { error: string }
+ * @access  Protected (any authenticated user/workshop)
+ */
 export async function POST(request: NextRequest) {
   try {
+    // Validate authentication
+    const response = NextResponse.next();
+    const appSession = await getAppSessionFromRequest(request, response);
+    if (!await validateAppSession(appSession)) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+    }
+
     // Get body payload and query string parameters
     const { message, resetConversation } = await request.json();
     if (!message || typeof message !== 'string') {
@@ -36,7 +51,7 @@ export async function POST(request: NextRequest) {
     const exerciseData = exerciseResult.value;
 
     // Get or create session ID
-    const session = await getSession();
+    const session = await getChatSession();
     let sessionId = session.sessionId;
 
     if (!sessionId) {