feat: improve chat UX and add optional auth for public feedback

- Add debounced search (200ms) in chat sidebar for better performance - Add toast notifications for conversation actions (archive, restore, delete, pin) - Add race condition protection when loading conversations - Add OptionalAuthGuard for public feedback endpoint (unauthenticated access) - Add backHref prop to PageHeader component for back navigation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-27 22:17:42 +02:00 · 2025-11-29 23:10:03 +01:00 · 2025-11-29 23:10:03 +01:00 · c85cd4556c
commit c85cd4556c
parent 0893ed7daa
7 changed files with 192 additions and 53 deletions
--- a/services/mana-core-auth/src/common/guards/optional-auth.guard.ts
+++ b/services/mana-core-auth/src/common/guards/optional-auth.guard.ts
@ -0,0 +1,57 @@
+import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import * as jwt from 'jsonwebtoken';
+
+/**
+ * Optional authentication guard
+ * Attaches user to request if valid token is present, but doesn't require it
+ */
+@Injectable()
+export class OptionalAuthGuard implements CanActivate {
+	constructor(private configService: ConfigService) {}
+
+	async canActivate(context: ExecutionContext): Promise<boolean> {
+		const request = context.switchToHttp().getRequest();
+		const token = this.extractTokenFromHeader(request);
+
+		if (!token) {
+			// No token - allow request but no user
+			request.user = null;
+			return true;
+		}
+
+		try {
+			const publicKey = this.configService.get<string>('jwt.publicKey');
+			if (!publicKey) {
+				request.user = null;
+				return true;
+			}
+
+			const audience = this.configService.get<string>('jwt.audience');
+			const issuer = this.configService.get<string>('jwt.issuer');
+
+			const payload = jwt.verify(token, publicKey, {
+				algorithms: ['RS256'],
+				audience,
+				issuer,
+			}) as jwt.JwtPayload;
+
+			// Attach user to request
+			request.user = {
+				userId: payload.sub,
+				email: payload.email,
+				role: payload.role,
+			};
+		} catch {
+			// Invalid token - allow request but no user
+			request.user = null;
+		}
+
+		return true;
+	}
+
+	private extractTokenFromHeader(request: any): string | undefined {
+		const [type, token] = request.headers.authorization?.split(' ') ?? [];
+		return type === 'Bearer' ? token : undefined;
+	}
+}