feat(flutter/auth): server URL screen + auth provider + secure storage

AuthController is an AsyncNotifier holding the currently-logged-in
User. server_url, session_token, current_user all live in
flutter_secure_storage. ServerUrlScreen probes /healthz before saving
the URL so we don't store a bogus base.
This commit is contained in:
2026-05-02 17:20:26 -04:00
parent c0785cf894
commit 3cf874ab69
4 changed files with 203 additions and 0 deletions
@@ -0,0 +1,14 @@
import 'package:dio/dio.dart';
class HealthApi {
HealthApi(this._dio);
final Dio _dio;
/// Returns {status, min_client_version}. Hits the unauthenticated
/// `/healthz` endpoint at the configured base URL.
Future<Map<String, String>> check() async {
final r = await _dio.get<Map<String, dynamic>>('/healthz');
return (r.data ?? const <String, dynamic>{})
.map((k, v) => MapEntry(k, v.toString()));
}
}
@@ -0,0 +1,56 @@
import 'dart:convert';
import 'package:flutter_riverpod/flutter_riverpod.dart';
import 'package:flutter_secure_storage/flutter_secure_storage.dart';
import '../models/user.dart';
const _kServerUrl = 'server_url';
const _kSessionToken = 'session_token';
const _kCurrentUser = 'current_user';
final secureStorageProvider = Provider<FlutterSecureStorage>(
(ref) => const FlutterSecureStorage(),
);
final serverUrlProvider = FutureProvider<String?>((ref) async {
return ref.watch(secureStorageProvider).read(key: _kServerUrl);
});
final sessionTokenProvider = FutureProvider<String?>((ref) async {
return ref.watch(secureStorageProvider).read(key: _kSessionToken);
});
class AuthController extends AsyncNotifier<User?> {
late FlutterSecureStorage _storage;
@override
Future<User?> build() async {
_storage = ref.watch(secureStorageProvider);
final raw = await _storage.read(key: _kCurrentUser);
if (raw == null) return null;
return User.fromJson(jsonDecode(raw) as Map<String, dynamic>);
}
Future<void> setServerUrl(String url) async {
await _storage.write(key: _kServerUrl, value: url);
ref.invalidate(serverUrlProvider);
}
Future<void> setSession({required String token, required String userJson}) async {
await _storage.write(key: _kSessionToken, value: token);
await _storage.write(key: _kCurrentUser, value: userJson);
ref.invalidate(sessionTokenProvider);
state = AsyncData(User.fromJson(jsonDecode(userJson) as Map<String, dynamic>));
}
Future<void> clearSession() async {
await _storage.delete(key: _kSessionToken);
await _storage.delete(key: _kCurrentUser);
ref.invalidate(sessionTokenProvider);
state = const AsyncData(null);
}
}
final authControllerProvider =
AsyncNotifierProvider<AuthController, User?>(AuthController.new);
@@ -0,0 +1,81 @@
import 'package:dio/dio.dart';
import 'package:flutter/material.dart';
import 'package:flutter_riverpod/flutter_riverpod.dart';
import '../api/endpoints/health.dart';
import '../theme/theme_extension.dart';
import 'auth_provider.dart';
class ServerUrlScreen extends ConsumerStatefulWidget {
const ServerUrlScreen({super.key});
@override
ConsumerState<ServerUrlScreen> createState() => _ServerUrlScreenState();
}
class _ServerUrlScreenState extends ConsumerState<ServerUrlScreen> {
final _ctrl = TextEditingController();
bool _busy = false;
String? _error;
Future<void> _connect() async {
final url = _ctrl.text.trim();
if (url.isEmpty) {
setState(() => _error = 'Enter a server URL.');
return;
}
setState(() {
_busy = true;
_error = null;
});
try {
final dio = Dio(BaseOptions(baseUrl: url, connectTimeout: const Duration(seconds: 5)));
final body = await HealthApi(dio).check();
if (body['status'] != 'ok') {
throw StateError('unhealthy');
}
await ref.read(authControllerProvider.notifier).setServerUrl(url);
if (!mounted) return;
Navigator.of(context).pushReplacementNamed('/login');
} on DioException catch (_) {
setState(() => _error = "Couldn't reach that server.");
} catch (_) {
setState(() => _error = "Couldn't reach that server.");
} finally {
if (mounted) setState(() => _busy = false);
}
}
@override
Widget build(BuildContext context) {
final fs = Theme.of(context).extension<FabledSwordTheme>()!;
return Scaffold(
body: SafeArea(
child: Padding(
padding: const EdgeInsets.all(24),
child: Column(crossAxisAlignment: CrossAxisAlignment.stretch, children: [
const SizedBox(height: 48),
Text('Connect to your Minstrel', style: TextStyle(fontFamily: fs.display.fontFamily, fontSize: 28)),
const SizedBox(height: 24),
TextField(
controller: _ctrl,
keyboardType: TextInputType.url,
decoration: const InputDecoration(labelText: 'Server URL', hintText: 'https://music.example.com'),
),
if (_error != null) Padding(
padding: const EdgeInsets.only(top: 8),
child: Text(_error!, style: TextStyle(color: fs.error)),
),
const SizedBox(height: 16),
FilledButton(
onPressed: _busy ? null : _connect,
child: _busy
? const SizedBox(width: 18, height: 18, child: CircularProgressIndicator(strokeWidth: 2))
: const Text('Connect'),
),
]),
),
),
);
}
}
@@ -0,0 +1,52 @@
import 'package:flutter_test/flutter_test.dart';
import 'package:flutter_secure_storage/flutter_secure_storage.dart';
import 'package:flutter_riverpod/flutter_riverpod.dart';
import 'package:mocktail/mocktail.dart';
import 'package:minstrel/auth/auth_provider.dart';
class _MockStorage extends Mock implements FlutterSecureStorage {}
void main() {
late _MockStorage storage;
setUpAll(() {
registerFallbackValue('');
});
setUp(() {
storage = _MockStorage();
// Default reads return null; default writes/deletes succeed.
when(() => storage.read(key: any(named: 'key'))).thenAnswer((_) async => null);
when(() => storage.write(key: any(named: 'key'), value: any(named: 'value'))).thenAnswer((_) async {});
when(() => storage.delete(key: any(named: 'key'))).thenAnswer((_) async {});
});
test('saves server URL via setServerUrl', () async {
final container = ProviderContainer(overrides: [
secureStorageProvider.overrideWithValue(storage),
]);
addTearDown(container.dispose);
await container.read(authControllerProvider.notifier).setServerUrl('http://localhost:8080');
verify(() => storage.write(key: 'server_url', value: 'http://localhost:8080')).called(1);
});
test('setSession then clearSession transitions auth state to null', () async {
final container = ProviderContainer(overrides: [
secureStorageProvider.overrideWithValue(storage),
]);
addTearDown(container.dispose);
final ctrl = container.read(authControllerProvider.notifier);
await ctrl.setSession(token: 't', userJson: '{"id":"u","username":"u","is_admin":false}');
expect((await container.read(authControllerProvider.future))?.username, 'u');
// clearSession must trigger storage deletes for both keys.
await ctrl.clearSession();
verify(() => storage.delete(key: 'session_token')).called(1);
verify(() => storage.delete(key: 'current_user')).called(1);
expect(await container.read(authControllerProvider.future), isNull);
});
}