Skip to content

feat(organizer): establish secure website console access#17

Open
Elvis020 wants to merge 1 commit into
mainfrom
feature/organizer-console-access
Open

feat(organizer): establish secure website console access#17
Elvis020 wants to merge 1 commit into
mainfrom
feature/organizer-console-access

Conversation

@Elvis020

@Elvis020 Elvis020 commented Jul 14, 2026

Copy link
Copy Markdown
Collaborator

Phase 3: secure organizer-console access

  • Phase 1: Host the static website on Cloudflare
  • Phase 2: Verify and cut over devcongress.org
  • Phase 3: Add secure organizer-console access ← this PR
  • Phase 4: Move organizer features gradually
  • Phase 5: Build new community features in the website
  • Phase 6: Retire duplicate legacy surfaces

This prepares a separate devcongress-organizer Worker for em.devcongress.org.

Public-site boundary

devcongress.org remains static-only. This PR adds no organizer page, navigation link, login flow, or authentication route to the public Astro build.

The organizer experience is built separately from the public site. It contains only a sign-in page and an OAuth callback, and will be served only from the organizer hostname once its Custom Domain is attached.

After sign-in, the Worker verifies the user's active organizer membership in Supabase, creates an HTTP-only session, and records organizer audit events. The sign-in page is intentionally reachable so organizers can begin authentication; protected organizer access requires an approved membership.

Supabase now allows https://em.devcongress.org/api/auth/admin/callback. The Google provider remains configured through Supabase.

Cloudflare rollout dependency

The current public Worker is static-assets-only and cannot accept variables or secrets. This PR therefore creates a separate organizer Worker configuration, with workers_dev disabled and no custom-domain route yet.

After merge:

  1. Let the first main build deploy the devcongress-organizer script.
  2. Add em.devcongress.org as that Worker’s Custom Domain.
  3. Set ORGANIZER_ORIGIN=https://em.devcongress.org.
  4. Add SUPABASE_URL, SUPABASE_ANON_KEY, and SUPABASE_SERVICE_ROLE_KEY as Worker secrets.
  5. Rerun the deployment and smoke-test login, rejected non-member access, approved organizer access, and sign-out.

Verified with pnpm build, pnpm build:organizer, and pnpm exec wrangler deploy --config wrangler.organizer.jsonc --dry-run.

@Elvis020 Elvis020 requested a review from bubunyo July 14, 2026 10:29
@Elvis020 Elvis020 force-pushed the feature/organizer-console-access branch from 900b2bb to f897e58 Compare July 14, 2026 11:40
Keep devcongress.org static-only by removing organizer navigation, console routes, and authentication runtime from the public-site Worker. Add a separate organizer Astro build and devcongress-organizer Worker configuration for the future organizer subdomain, proposed as em.devcongress.org.

The organizer surface provides a minimal Google sign-in and OAuth callback flow, verifies active Supabase organizer membership, records audit events, and issues only Secure, HTTP-only, SameSite=Strict sessions. It is disabled until an exact ORGANIZER_ORIGIN and custom domain are configured, and it has no workers.dev exposure.

Verified pnpm build, pnpm build:organizer, and pnpm exec wrangler deploy --config wrangler.organizer.jsonc --dry-run.
@Elvis020 Elvis020 self-assigned this Jul 15, 2026
@Elvis020 Elvis020 added the enhancement New feature or request label Jul 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

enhancement New feature or request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant