fix(shared-auth): proxy passkey/2FA/session methods through ManaAuthStore

The settings page in mana/web (and any future consumer that wants to manage passkeys, 2FA, or sessions from the UI) was calling 11 methods on `authStore` that the wrapper had never exposed: listPasskeys, registerPasskey, deletePasskey, renamePasskey, listSessions, revokeSession, getSecurityEvents, enableTwoFactor, disableTwoFactor, generateBackupCodes — all of which DO exist on the underlying AuthServiceInterface but were silently dropped by createManaAuthStore. Result: 17 type errors on settings/+page.svelte and a complete dead-end for anyone trying to wire up the UI. Fix: add thin passthrough wrappers in createManaAuthStore that delegate to authService. Each handles the SSR/no-service case the same way the existing methods do (return empty array or {success:false} with a stable error message). enableTwoFactor and disableTwoFactor additionally refresh the local user snapshot after success because the JWT issued post-enrollment carries the new flag and downstream UI gates on it. Type fixes that fell out of touching settings/+page.svelte: - UserData.twoFactorEnabled?: boolean — optional flag on the public user shape. The TwoFactorSetup component reads it via `authStore.user?.twoFactorEnabled` to gate the enable/disable button; without the type the call site coerced through `any`. - CreditBalance.{freeCreditsRemaining,dailyFreeCredits}?: number — daily-free accounting fields the backend already returns but the local type was missing. Optional because not every backend deployment turns them on. - settings/+page.svelte: `authStore.user?.sub` → `?.id`. The public UserData shape uses `id`; `sub` is the raw JWT claim name and never made it onto the consumer type. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-18 16:09:44 +02:00 · 2026-04-09 18:48:00 +02:00 · 2026-04-09 18:48:00 +02:00 · 05d9d1962c
commit 05d9d1962c
parent 7ba381fde8
4 changed files with 81 additions and 1 deletions
--- a/apps/mana/apps/web/src/lib/api/credits.ts
+++ b/apps/mana/apps/web/src/lib/api/credits.ts
@ -11,6 +11,14 @@ export interface CreditBalance {
 	balance: number;
 	totalEarned: number;
 	totalSpent: number;
+	/**
+	 * Daily-free-credit accounting. Optional because the backend only
+	 * returns these fields when the user has a free-tier allowance
+	 * configured (paying users get them too but with `dailyFreeCredits = 0`).
+	 * Settings UIs render the "free today" tile only when both are present.
+	 */
+	freeCreditsRemaining?: number;
+	dailyFreeCredits?: number;
 }

 export interface CreditTransaction {
--- a/apps/mana/apps/web/src/routes/(app)/settings/+page.svelte
+++ b/apps/mana/apps/web/src/routes/(app)/settings/+page.svelte
@ -274,7 +274,7 @@
 								<p class="text-sm text-muted-foreground">Deine eindeutige Kennung</p>
 							</div>
 							<code class="rounded bg-muted px-2 py-1 text-xs font-mono">
-								{authStore.user?.sub?.slice(0, 8) || '...'}...
+								{authStore.user?.id?.slice(0, 8) || '...'}...
 							</code>
 						</div>
 					</div>