feat: integrate Supabase OAuth with OIDC discovery for authentication

Add rowboat auth flow using Supabase as the OIDC provider. User info is fetched via the standard OIDC userinfo endpoint (discovered from issuer metadata) instead of a hard-coded Supabase URL. Includes login screen, auth state hook, IPC handlers, logout button, and id_token_sub persistence for userinfo fetches across app restarts. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-04-26 00:46:23 +02:00 · 2026-02-03 07:25:33 +05:30 · 2026-02-03 07:25:33 +05:30 · bbe82c124d
commit bbe82c124d
parent 84c101fa21
10 changed files with 368 additions and 8 deletions
--- a/apps/x/packages/shared/src/ipc.ts
+++ b/apps/x/packages/shared/src/ipc.ts
@ -244,6 +244,39 @@ const ipcSchemas = {
      success: z.literal(true),
    }),
  },
+  'auth:getStatus': {
+    req: z.null(),
+    res: z.object({
+      isAuthenticated: z.boolean(),
+      user: z.object({
+        email: z.string(),
+        name: z.string().optional(),
+      }).nullable(),
+    }),
+  },
+  'auth:login': {
+    req: z.null(),
+    res: z.object({
+      success: z.boolean(),
+      error: z.string().optional(),
+    }),
+  },
+  'auth:logout': {
+    req: z.null(),
+    res: z.object({
+      success: z.boolean(),
+    }),
+  },
+  'auth:didAuthenticate': {
+    req: z.object({
+      isAuthenticated: z.boolean(),
+      user: z.object({
+        email: z.string(),
+        name: z.string().optional(),
+      }).nullable(),
+    }),
+    res: z.null(),
+  },
 } as const;

 // ============================================================================