refactor(auth): sweep orphaned hero_auth references (#36) #37

Merged

timur merged 1 commit from 36-auth-orphan-sweep into development

2026-04-15 10:47:32 +00:00

timur commented

2026-04-15 10:38:49 +00:00

Owner

First pass on #36 — removes references left behind after hero_auth was ripped out (2c98634, 6354b25).

Changes

config.toml — drop "auth" from profiles.default and profiles.minimal island lists. COMPILED_ISLANDS in generated_profile.rs regenerates accordingly.
crates/hero_os_web/src/components/island_frame.rs — remove "auth" => "/hero_auth/ui/" mapping (dead route, island no longer exists).
crates/hero_os_app/src/services/env_service.rs — remove unreachable Bearer-token injection in http_get. config::auth_url() is gone and save_jwt was never called, so hero_auth_token is never written to localStorage.
crates/hero_os_app/src/storage.rs — delete unused save_jwt, load_jwt, and clear_desktop_state. Keep clear_jwt — still called from the logout handler at main.rs:1434 to scrub stale tokens left over from earlier hero_auth builds.
crates/hero_os_client/ — delete empty stub directory (was untracked, only contained a leftover target/).

Not in this PR

Remaining #36 items intentionally deferred:

LoginScreen / SetupWizard (966 LOC combined) — need product decision on whether to gate behind a feature flag or delete outright. In guest mode, on_auth is never invoked, but the logout handler still falls back to rendering LoginScreen, so the UI path is reachable.
Crate-wide #![allow(dead_code)] at main.rs:6 — removing it surfaces 20+ warnings; separate PR.
generated_profile.rs developer-path noise (first line embeds absolute path from whichever dev last built it) — needs build.rs fix to strip the path; separate PR.
Competing implementations, feature-flag matrix, socket stabilization — tracked on #36.

Verification

cargo check --workspace passes (exit 0, only pre-existing warnings).

Test plan

Fresh build succeeds
App boots in guest mode (unchanged behavior)
Logout still scrubs localStorage (verify hero_os_session_token and hero_os_jwt keys gone after logout)
No island with id "auth" registered or rendered

🤖 Generated with Claude Code

First pass on #36 — removes references left behind after hero_auth was ripped out (`2c98634`, `6354b25`). ## Changes - **`config.toml`** — drop `"auth"` from `profiles.default` and `profiles.minimal` island lists. `COMPILED_ISLANDS` in `generated_profile.rs` regenerates accordingly. - **`crates/hero_os_web/src/components/island_frame.rs`** — remove `"auth" => "/hero_auth/ui/"` mapping (dead route, island no longer exists). - **`crates/hero_os_app/src/services/env_service.rs`** — remove unreachable Bearer-token injection in `http_get`. `config::auth_url()` is gone and `save_jwt` was never called, so `hero_auth_token` is never written to localStorage. - **`crates/hero_os_app/src/storage.rs`** — delete unused `save_jwt`, `load_jwt`, and `clear_desktop_state`. **Keep `clear_jwt`** — still called from the logout handler at `main.rs:1434` to scrub stale tokens left over from earlier hero_auth builds. - **`crates/hero_os_client/`** — delete empty stub directory (was untracked, only contained a leftover `target/`). ## Not in this PR Remaining #36 items intentionally deferred: - **`LoginScreen` / `SetupWizard`** (966 LOC combined) — need product decision on whether to gate behind a feature flag or delete outright. In guest mode, `on_auth` is never invoked, but the logout handler still falls back to rendering `LoginScreen`, so the UI path is reachable. - **Crate-wide `#![allow(dead_code)]` at `main.rs:6`** — removing it surfaces 20+ warnings; separate PR. - **`generated_profile.rs` developer-path noise** (first line embeds absolute path from whichever dev last built it) — needs `build.rs` fix to strip the path; separate PR. - Competing implementations, feature-flag matrix, socket stabilization — tracked on #36. ## Verification - `cargo check --workspace` passes (exit 0, only pre-existing warnings). ## Test plan - [ ] Fresh build succeeds - [ ] App boots in guest mode (unchanged behavior) - [ ] Logout still scrubs localStorage (verify `hero_os_session_token` and `hero_os_jwt` keys gone after logout) - [ ] No island with id `"auth"` registered or rendered 🤖 Generated with [Claude Code](https://claude.com/claude-code)

timur added 1 commit

2026-04-15 10:38:49 +00:00

refactor(auth): sweep orphaned hero_auth references (#36 )

Build and Test / test (pull_request) Failing after 27s

Details

0c1e7d04f3

After the hero_auth removal (2c98634, 6354b25) several references were
left in the tree. Cleans them up:

- config.toml: drop "auth" from profiles.default and profiles.minimal
  island lists (regenerates COMPILED_ISLANDS)
- island_frame.rs: remove "auth" => "/hero_auth/ui/" route mapping
- env_service.rs: remove unreachable Bearer-token injection in http_get
  (config::auth_url() was removed; nothing writes hero_auth_token anymore)
- storage.rs: delete unused save_jwt/load_jwt and unused
  clear_desktop_state. Keep clear_jwt — still called by the logout
  handler to scrub stale tokens left by earlier hero_auth builds.
- remove empty crates/hero_os_client/ stub (never committed content,
  only a leftover target/ directory).

Refs #36.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>