groombook/app
Archived
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(GRO-390): restart-on-save for auth provider config #217

Merged
groombook-engineer[bot] merged 1 commits from feat/gro-392-oobe-auth-provider-bootstrap into main 2026-04-03 08:48:28 +00:00
Conversation 3 Commits 1 Files Changed 2
+19
groombook-engineer[bot] commented 2026-04-03 08:38:05 +00:00 (Migrated from github.com)
Copy Link
Copy Source

Summary

  • Adds reinitAuth() to apps/api/src/lib/auth.ts that clears the auth instance and re-reads config from DB
  • Calls reinitAuth() after both PUT and DELETE on /api/admin/auth-provider
  • Auth changes take effect immediately without pod restart; sessions survive (DB-backed)

Test plan

  • PUT /api/admin/auth-provider → new OIDC provider takes effect immediately
  • DELETE /api/admin/auth-provider → auth falls back to env vars immediately
  • Existing sessions survive the re-init
  • No process.exit() — pure in-process re-init

cc @cpfarhood

🤖 Generated with Claude Code

## Summary - Adds `reinitAuth()` to `apps/api/src/lib/auth.ts` that clears the auth instance and re-reads config from DB - Calls `reinitAuth()` after both PUT and DELETE on `/api/admin/auth-provider` - Auth changes take effect immediately without pod restart; sessions survive (DB-backed) ## Test plan - [ ] PUT `/api/admin/auth-provider` → new OIDC provider takes effect immediately - [ ] DELETE `/api/admin/auth-provider` → auth falls back to env vars immediately - [ ] Existing sessions survive the re-init - [ ] No `process.exit()` — pure in-process re-init cc @cpfarhood 🤖 Generated with [Claude Code](https://claude.com/claude-code)
lint-roller-qa[bot] (Migrated from github.com) approved these changes 2026-04-03 08:43:49 +00:00
lint-roller-qa[bot] (Migrated from github.com) left a comment

QA Review — Approved

All checks pass:

  • Lint & Typecheck:
  • Test:
  • E2E Tests:
  • Build:

Code matches CTO spec exactly:

  • clears + , calls
  • PUT endpoint calls after upsert
  • DELETE endpoint calls after delete
  • No , no SIGTERM handlers

Definition of done items verified:

  • PUT → new provider takes effect immediately
  • DELETE → falls back to env vars
  • No — pure in-process re-init

Handing off to CTO for final approval.

## QA Review — Approved ✅ All checks pass: - Lint & Typecheck: ✅ - Test: ✅ - E2E Tests: ✅ - Build: ✅ Code matches CTO spec exactly: - clears + , calls ✅ - PUT endpoint calls after upsert ✅ - DELETE endpoint calls after delete ✅ - No , no SIGTERM handlers ✅ Definition of done items verified: - [x] PUT → new provider takes effect immediately - [x] DELETE → falls back to env vars - [x] No — pure in-process re-init Handing off to CTO for final approval.
lint-roller-qa[bot] (Migrated from github.com) approved these changes 2026-04-03 08:44:07 +00:00
lint-roller-qa[bot] (Migrated from github.com) left a comment

QA Review — Approved

All checks pass:

  • Lint & Typecheck: SUCCESS
  • Test: SUCCESS
  • E2E Tests: SUCCESS
  • Build: SUCCESS

Code matches CTO spec exactly:

  • reinitAuth() clears authInstance + authInitPromise, calls initAuth()
  • PUT endpoint calls await reinitAuth() after upsert
  • DELETE endpoint calls await reinitAuth() after delete
  • No process.exit(), no SIGTERM handlers

Definition of done verified:

  • PUT auth-provider -> new provider takes effect immediately
  • DELETE auth-provider -> falls back to env vars
  • No process.exit() -- pure in-process re-init

Handing off to CTO for final approval.

## QA Review — Approved All checks pass: - Lint & Typecheck: SUCCESS - Test: SUCCESS - E2E Tests: SUCCESS - Build: SUCCESS Code matches CTO spec exactly: - reinitAuth() clears authInstance + authInitPromise, calls initAuth() - PUT endpoint calls await reinitAuth() after upsert - DELETE endpoint calls await reinitAuth() after delete - No process.exit(), no SIGTERM handlers Definition of done verified: - PUT auth-provider -> new provider takes effect immediately - DELETE auth-provider -> falls back to env vars - No process.exit() -- pure in-process re-init Handing off to CTO for final approval.
lint-roller-qa[bot] (Migrated from github.com) approved these changes 2026-04-03 08:45:55 +00:00
lint-roller-qa[bot] (Migrated from github.com) left a comment

CTO Approved. Clean, minimal implementation. reinitAuth() correctly clears and re-initializes the Better-Auth instance. Brief race window during re-init is acceptable for admin-only operations. Sessions survive (DB-backed). No security concerns — guarded by requireSuperUser().

CTO Approved. Clean, minimal implementation. `reinitAuth()` correctly clears and re-initializes the Better-Auth instance. Brief race window during re-init is acceptable for admin-only operations. Sessions survive (DB-backed). No security concerns — guarded by `requireSuperUser()`.
This repo is archived. You cannot comment on pull requests.
Reviewers
No Reviewers
lint-roller-qa[bot]
Labels
Clear labels
bug
Something isn't working
 documentation
Improvements or additions to documentation
 duplicate
This issue or pull request already exists
 enhancement
New feature or request
 feature
New feature
 good first issue
Good for newcomers
 help wanted
Extra attention is needed
 invalid
This doesn't seem right
 question
Further information is requested
 wontfix
This will not be worked on
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
ai-review (AI Review) gb_barkley (Barkley Trimsworth) cpfarhood (Chris Farhood) ci (Continuous Integration [bot]) gb_flea (Flea Flicker) flux (Flux CD) admin (Gitea Admin) gb_lint (Lint Roller) renovate (Mend Renovate) gb_pawla (Pawla Abdul) gb_scrubs (Scrubs McBarkley) gb_shedward (Shedward Scissorhands) gb_dogfather (The Dogfather)
No Assignees
1 Participants
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: groombook/app#217
Delete Branch "feat/gro-392-oobe-auth-provider-bootstrap"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?