rspace-online

Commit Graph

Author	SHA1	Message	Date
Jeff Emmett	22db2f439f	feat: client-side encryption wiring + space scoping UI (Phase 5+6) Phase 5 — EncryptID → DocCrypto bridge: - Add EncryptedDocBridge connecting WebAuthn PRF to document encryption - Add per-doc relay mode to SyncServer (encrypted spaces bypass participant mode) - Wire encryption toggle to syncServer.setRelayOnly() on PATCH /:slug/encryption - Restore relay mode for encrypted spaces on server startup - Initialize DocBridge from PRF on login, clear on sign-out (both login-button + identity) - Use bridge helpers for encrypted backup toggle in My Account Phase 6 — Space scoping UI: - Add "Modules" tab to Edit Space modal (enable/disable modules, scope toggles, encryption) - Auto-filter app switcher by space's enabledModules via renderShell() - Show "G" badge on global-scoped modules in app switcher - Show lock icon in header for encrypted spaces - Add getSpaceShellMeta() helper for auto-populating shell options Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-02 14:50:16 -08:00
Jeff Emmett	d5563d4636	fix: pass auth token in WebSocket connections for private spaces WebSocket clients were connecting without auth tokens, causing 401 rejections for authenticated/members_only spaces. Now reads the encryptid_session from localStorage and appends ?token= to WS URLs. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-28 22:08:07 -08:00
Jeff Emmett	2d5103c7d6	Add 7-layer local-first data infrastructure Crypto (PRF/HKDF/AES-256-GCM per-doc keys), Document (schema + manager), Storage (encrypted IndexedDB), Sync (multi-doc WebSocket client + server), Compute (local/server-delegated transforms), Query (views + search), and Memory Card interchange format. 2919 lines across 10 files. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 01:12:06 +00:00

Author

SHA1

Message

Date

Jeff Emmett

22db2f439f

feat: client-side encryption wiring + space scoping UI (Phase 5+6)

Phase 5 — EncryptID → DocCrypto bridge:
- Add EncryptedDocBridge connecting WebAuthn PRF to document encryption
- Add per-doc relay mode to SyncServer (encrypted spaces bypass participant mode)
- Wire encryption toggle to syncServer.setRelayOnly() on PATCH /:slug/encryption
- Restore relay mode for encrypted spaces on server startup
- Initialize DocBridge from PRF on login, clear on sign-out (both login-button + identity)
- Use bridge helpers for encrypted backup toggle in My Account

Phase 6 — Space scoping UI:
- Add "Modules" tab to Edit Space modal (enable/disable modules, scope toggles, encryption)
- Auto-filter app switcher by space's enabledModules via renderShell()
- Show "G" badge on global-scoped modules in app switcher
- Show lock icon in header for encrypted spaces
- Add getSpaceShellMeta() helper for auto-populating shell options

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-02 14:50:16 -08:00

Jeff Emmett

d5563d4636

fix: pass auth token in WebSocket connections for private spaces

WebSocket clients were connecting without auth tokens, causing 401
rejections for authenticated/members_only spaces. Now reads the
encryptid_session from localStorage and appends ?token= to WS URLs.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-28 22:08:07 -08:00

Jeff Emmett

2d5103c7d6

Add 7-layer local-first data infrastructure

Crypto (PRF/HKDF/AES-256-GCM per-doc keys), Document (schema + manager),
Storage (encrypted IndexedDB), Sync (multi-doc WebSocket client + server),
Compute (local/server-delegated transforms), Query (views + search),
and Memory Card interchange format. 2919 lines across 10 files.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-23 01:12:06 +00:00

3 Commits