DECNET

anti/DECNET

Fork 0

Commit Graph

Author	SHA1	Message	Date
anti	efe4e49de6	fix(web): restore SSE streams via single-use ticket flow The V3.1.1 backend change moved SSE auth off ?token=<JWT> onto a single-use ?ticket=, but the dashboard was never updated, so every live stream 401'd ('Could not validate credentials'). Add mintSseTicket() (POST /auth/sse-ticket with the Bearer JWT, returns an opaque 60s single-use ticket) and refactor all stream consumers to mint a fresh ticket at the top of each connect() — initial and every reconnect — then open EventSource with ?ticket=. A reused single-use ticket would 401-loop, so re-mint-per-connect is required. Covers Dashboard /stream, LiveLogs, and the attacker/identity/campaign/ orchestrator/topology hooks. connect() is now async with an unmount guard (cancelled flag checked after the await, before opening the stream); on a mint 401 the connect is skipped and the axios logout interceptor takes over.	2026-06-12 19:00:15 -04:00
anti	f2b3393669	chore: relicense to AGPL-3.0-or-later and add SPDX headers Replaces LICENSE (GPLv3 -> AGPLv3) and prepends `SPDX-License-Identifier: AGPL-3.0-or-later` to every source file across decnet/, decnet_web/, tests/, scripts/, and tools/. Rationale: closes the GPLv3 ASP loophole so any party operating a modified DECNET as a network service must offer their modified source. Personal copyright (Samuel Paschuan) + inbound=outbound contributions make a future unilateral relicense infeasible. - LICENSE: full AGPL-3.0 text (gnu.org/licenses/agpl-3.0.txt) - COPYRIGHT: project copyright notice - tools/add_spdx_headers.py: idempotent header injector (shebang- and PEP 263-aware) Touches 1565 source files (.py, .ts, .tsx, .js, .jsx, .css, .sh). No behavior change; comments only.	2026-05-22 21:04:16 -04:00
anti	d531cea536	feat(web): read-only campaigns API + SSE + frontend API: /api/v1/campaigns (paginated list), /api/v1/campaigns/{uuid} (soft-merge chain follow), /api/v1/campaigns/{uuid}/identities (member identities), and /api/v1/campaigns/events (SSE under campaign.> + JWT-via-?token=, snapshot-on-connect). Mirror of the identity router; same auth, same shape, same OpenAPI tags pattern. Frontend: CampaignDetail.tsx page (same visual vocabulary as IdentityDetail), useCampaignStream hook (mirror of useIdentityStream), /campaigns/:id route, IdentityDetail's CAMPAIGN badge becomes clickable and navigates to the campaign. useIdentityStream now listens for identity.campaign.assigned so the badge appears live without a manual refresh.	2026-04-26 09:20:17 -04:00

Author

SHA1

Message

Date

anti

efe4e49de6

fix(web): restore SSE streams via single-use ticket flow

The V3.1.1 backend change moved SSE auth off ?token=<JWT> onto a single-use
?ticket=, but the dashboard was never updated, so every live stream 401'd
('Could not validate credentials'). Add mintSseTicket() (POST /auth/sse-ticket
with the Bearer JWT, returns an opaque 60s single-use ticket) and refactor all
stream consumers to mint a fresh ticket at the top of each connect() — initial
and every reconnect — then open EventSource with ?ticket=. A reused single-use
ticket would 401-loop, so re-mint-per-connect is required.

Covers Dashboard /stream, LiveLogs, and the attacker/identity/campaign/
orchestrator/topology hooks. connect() is now async with an unmount guard
(cancelled flag checked after the await, before opening the stream); on a mint
401 the connect is skipped and the axios logout interceptor takes over.

2026-06-12 19:00:15 -04:00

anti

f2b3393669

chore: relicense to AGPL-3.0-or-later and add SPDX headers

Replaces LICENSE (GPLv3 -> AGPLv3) and prepends
`SPDX-License-Identifier: AGPL-3.0-or-later` to every source file
across decnet/, decnet_web/, tests/, scripts/, and tools/.

Rationale: closes the GPLv3 ASP loophole so any party operating a
modified DECNET as a network service must offer their modified
source. Personal copyright (Samuel Paschuan) + inbound=outbound
contributions make a future unilateral relicense infeasible.

- LICENSE: full AGPL-3.0 text (gnu.org/licenses/agpl-3.0.txt)
- COPYRIGHT: project copyright notice
- tools/add_spdx_headers.py: idempotent header injector
  (shebang- and PEP 263-aware)

Touches 1565 source files (.py, .ts, .tsx, .js, .jsx, .css, .sh).
No behavior change; comments only.

2026-05-22 21:04:16 -04:00

anti

d531cea536

feat(web): read-only campaigns API + SSE + frontend

API: /api/v1/campaigns (paginated list), /api/v1/campaigns/{uuid}
(soft-merge chain follow), /api/v1/campaigns/{uuid}/identities
(member identities), and /api/v1/campaigns/events (SSE under
campaign.> + JWT-via-?token=, snapshot-on-connect). Mirror of the
identity router; same auth, same shape, same OpenAPI tags pattern.

Frontend: CampaignDetail.tsx page (same visual vocabulary as
IdentityDetail), useCampaignStream hook (mirror of
useIdentityStream), /campaigns/:id route, IdentityDetail's
CAMPAIGN badge becomes clickable and navigates to the campaign.
useIdentityStream now listens for identity.campaign.assigned so
the badge appears live without a manual refresh.

2026-04-26 09:20:17 -04:00

3 Commits