Skip to content

Added Dashboard Pages#69

Merged
blebelo merged 7 commits into
mainfrom
feature/adminPortal
Jun 5, 2026
Merged

Added Dashboard Pages#69
blebelo merged 7 commits into
mainfrom
feature/adminPortal

Conversation

@blebelo

@blebelo blebelo commented Jun 5, 2026

Copy link
Copy Markdown
Owner

Summary by CodeRabbit

Release Notes

  • New Features

    • Added admin dashboard pages for Applications, Courses, Settings, and Students management.
    • Enhanced authentication flow with improved user redirection handling.
  • Bug Fixes

    • Resolved 12 identified issues including authentication token storage, dashboard navigation, session management, and unauthorized access handling.

@blebelo blebelo self-assigned this Jun 5, 2026
@vercel

vercel Bot commented Jun 5, 2026

Copy link
Copy Markdown
Contributor

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
moipone Ready Ready Preview, Comment Jun 5, 2026 5:20pm

@coderabbitai

coderabbitai Bot commented Jun 5, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Walkthrough

This PR restructures the admin dashboard architecture by consolidating authentication flows, migrating token storage to localStorage, and reorganizing routes. It documents 12 identified bugs and implements fixes across auth guards, login redirects, token handling, axios interceptors, and provider scoping.

Changes

Auth Refactoring and Admin Dashboard Reorganization

Layer / File(s) Summary
Bug documentation and proposed fixes
bugs.md
Comprehensive bug report documenting 12 identified issues across authentication token storage, routing, auth guards, login redirects, route grouping, middleware, session state, and axios interceptors, with proposed code fixes for each issue.
Admin route restructuring and layout protection
next-ts/app/(admin)/admin/layout.tsx, next-ts/app/(admin)/admin/(workspace)/layout.tsx, next-ts/app/(admin)/admin/(workspace)/applications/page.tsx, next-ts/app/(admin)/admin/(workspace)/courses/page.tsx, next-ts/app/(admin)/admin/(workspace)/settings/page.tsx, next-ts/app/(admin)/admin/(workspace)/students/page.tsx
Routes move from (dashboard)/admin to (admin)/admin with workspace grouping. AdminRootLayout wraps children with AuthProvider, and AdminProtectedLayout wraps children with WithAuth guard plus a cascade of data providers (StudentProvider, CourseProvider, ApplicationProvider, ContactProvider). Four placeholder page components added for dashboard sections.
Login page authenticated-user redirect
next-ts/app/(admin)/admin/page.tsx
Adds useEffect hook to redirect authenticated users to /admin/dashboard via router.replace. Early returns null to suppress login form when currentUser is present.
Token storage migration to localStorage
next-ts/src/components/AuthGuard/index.tsx, next-ts/src/providers/auth-provider/index.tsx
Switches token persistence from sessionStorage to localStorage throughout auth flow. AuthGuard reads token from localStorage and cleans up from localStorage on failure. AuthProvider clears localStorage on token expiry, derives userName from decoded JWT, persists only to localStorage on authenticate, and redirects to /admin on logout.
Axios interceptor implementation for auth and 401 handling
next-ts/src/lib/utils/axiosInstance.ts
Refactors axiosInstance to add request interceptor reading localStorage token and response interceptor handling 401 errors. 401 handler clears localStorage, calls sessionStorage.clear(), computes host-aware redirect path using subdomain-to-path mapping, and redirects when token previously existed.
Layout provider scoping and formatting updates
next-ts/app/(public)/layout.tsx, next-ts/app/(student)/layout.tsx, next-ts/app/layout.tsx
Updates provider wrapping across layouts to multi-line JSX structure for clarity. ContactProvider in public layout, ApplicationProvider in student layout (with AuthGuard import), and HydrationWrapper in root layout all reformatted. Changes support provider isolation between login and authenticated flows.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

  • blebelo/moipone#61: Introduces initial WithAuth/AuthGuard logic that this PR updates by switching token storage from sessionStorage to localStorage and adjusting redirect/cleanup behavior.
  • blebelo/moipone#57: Earlier auth provider and axios refactor that this PR builds upon by completing token storage migration and adding comprehensive interceptor patterns.
  • blebelo/moipone#66: Modifies admin dashboard protected layout auth wrapping with WithAuth redirect behavior, overlapping with this PR's admin route restructuring and auth guard implementation.

Suggested reviewers

  • codespace-cloudmaindesk
  • mblebelo

Poem

🐰 From sessionStorage to localStorage's glow,

Auth tokens now persist where secure flows go,

Admin routes restructured with guards in place,

Axios interceptors catch every 401 case,

Bugs documented and fixed, the app's standing tall,

Twelve issues resolved—the refactor fixes all! ✨

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name Status Explanation Resolution
Title check ⚠️ Warning The title "Added Dashboard Pages" does not accurately represent the main changes in this pull request. While some dashboard page files were added, the PR also includes significant refactoring of authentication architecture, provider restructuring, axios interceptor implementation, token storage migration from sessionStorage to localStorage, and removal of legacy dashboard route structure. The title captures only a minor aspect of the changeset. Update the title to reflect the primary architectural changes, such as "Refactor admin auth architecture and migrate to localStorage token storage" or "Restructure admin portal with auth guards and provider organization."
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feature/adminPortal

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@bugs.md`:
- Around line 117-131: The fenced code block containing the folder tree is
missing a language identifier which triggers markdown lint MD040; update the
code fence by adding a language tag (e.g., "text") after the opening triple
backticks so the block becomes ```text ... ```, ensuring the folder-tree snippet
(the block containing app/, admin/, (auth)/, layout.tsx, page.tsx, etc.) is
correctly fenced.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: d119a79b-298a-4039-a730-55913a1ec48c

📥 Commits

Reviewing files that changed from the base of the PR and between 54757c9 and cf46745.

📒 Files selected for processing (5)
  • bugs.md
  • next-ts/app/(dashboard)/admin/(protected)/applications/page.tsx
  • next-ts/app/(dashboard)/admin/(protected)/courses/page.tsx
  • next-ts/app/(dashboard)/admin/(protected)/settings/page.tsx
  • next-ts/app/(dashboard)/admin/(protected)/students/page.tsx

Comment thread bugs.md

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
next-ts/src/components/AuthGuard/index.tsx (1)

12-22: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Path-based student routes now fall back to the admin login.

axiosInstance in this PR treats /student and /withdraw as student auth entry points, and the stack context shows app/(student)/layout.tsx now uses AuthGuard. Lines 12-22 only inspect the host, so protected student pages served from the main host will redirect to /admin. Mirror the pathname fallback here or share the same helper to keep both flows aligned.

Suggested fix
 const getDefaultRedirectPath = () => {
   if (globalThis.window === undefined) {
     return "/admin";
   }
 
-  const host = globalThis.window.location.host.toLowerCase();
-  if (host.startsWith("student.")) {
+  const { host, pathname } = globalThis.window.location;
+  const normalizedHost = host.toLowerCase();
+
+  if (normalizedHost.startsWith("student.")) {
+    return "/student";
+  }
+
+  if (/^\/(student|withdraw)(\/|$)/.test(pathname)) {
     return "/student";
   }
 
   return "/admin";
 };
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@next-ts/src/components/AuthGuard/index.tsx` around lines 12 - 22,
getDefaultRedirectPath currently only inspects window.location.host and will
misroute student-protected pages served on the main host; update
getDefaultRedirectPath to also inspect globalThis.window.location.pathname
(e.g., check if pathname startsWith("/student") or "/withdraw") and return
"/student" when matched, or refactor to call the same shared helper used by
axiosInstance/app/(student)/layout.tsx so both host- and path-based detection
yield the same "/student" vs "/admin" redirect.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@next-ts/app/`(admin)/admin/page.tsx:
- Around line 15-21: Auth state is restored asynchronously in AuthProvider so
the page currently renders the login form before auth finishes; update
AuthProvider to expose a bootstrap/hydration flag (eg. isAuthBootstrapped or
isHydrated) from useAuthState, then in this component wait for that flag before
rendering or running the redirect: use the existing useAuthState values
(currentUser, isPending, isError) plus the new isAuthBootstrapped flag in the
useEffect and in the component render path to return null or a loader until
isAuthBootstrapped is true; ensure the redirect
(router.replace('/admin/dashboard')) only runs after isAuthBootstrapped and
currentUser are truthy so already-signed-in users never see the form (also apply
the same check where the form is rendered around line 31).

In `@next-ts/app/`(student)/layout.tsx:
- Line 1: The student layout imports AuthGuard but doesn't enforce it; wrap the
layout's rendered children with the AuthGuard component so all pages under this
layout are protected. Locate the exported layout component in layout.tsx (the
function that receives children) and return JSX that nests the existing layout
tree inside <AuthGuard>...</AuthGuard> (preserving any existing providers or
markup order), ensuring children remain passed through to AuthGuard. Make the
change for the layout component that currently renders the student area so route
protection is applied.

In `@next-ts/src/lib/utils/axiosInstance.ts`:
- Around line 53-68: The handler currently calls sessionStorage.clear(), which
wipes all origin-scoped session data; replace that call in the 401 error branch
(the block referencing hadToken, redirectPath, currentPath,
getUnauthorizedRedirectPath(), localStorage.removeItem("token")) with targeted
removal of only auth-owned session keys: either iterate an explicit allowlist
constant (e.g., AUTH_SESSION_KEYS) and call sessionStorage.removeItem for each,
or remove keys by a known prefix (e.g., keys startingWith "auth:" or
"session_auth_")—update the code where sessionStorage.clear() appears to use
this targeted cleanup before calling globalThis.location.replace(redirectPath).

In `@next-ts/src/providers/auth-provider/index.tsx`:
- Around line 27-30: The code is clearing the entire origin's localStorage on
token expiry (localStorage.clear()), which wipes unrelated data; replace that
with removing only auth-related keys: keep localStorage.removeItem("token") and
remove specific keys used by the auth flow (e.g. "refreshToken", "auth:user",
"auth:roles" or whatever keys your auth code uses), or iterate over keys and
remove only those with the auth prefix (e.g. startsWith("auth:")), instead of
calling localStorage.clear(); update the block around the exp check where
localStorage.clear() is called to target only auth-owned keys.

---

Outside diff comments:
In `@next-ts/src/components/AuthGuard/index.tsx`:
- Around line 12-22: getDefaultRedirectPath currently only inspects
window.location.host and will misroute student-protected pages served on the
main host; update getDefaultRedirectPath to also inspect
globalThis.window.location.pathname (e.g., check if pathname
startsWith("/student") or "/withdraw") and return "/student" when matched, or
refactor to call the same shared helper used by
axiosInstance/app/(student)/layout.tsx so both host- and path-based detection
yield the same "/student" vs "/admin" redirect.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: aef98d5b-a9cb-424e-9d6d-b0330e65c0b8

📥 Commits

Reviewing files that changed from the base of the PR and between cf46745 and 44c2646.

📒 Files selected for processing (19)
  • bugs.md
  • next-ts/app/(admin)/admin/(workspace)/applications/page.tsx
  • next-ts/app/(admin)/admin/(workspace)/courses/page.tsx
  • next-ts/app/(admin)/admin/(workspace)/dashboard/page.tsx
  • next-ts/app/(admin)/admin/(workspace)/dashboard/style.ts
  • next-ts/app/(admin)/admin/(workspace)/layout.tsx
  • next-ts/app/(admin)/admin/(workspace)/settings/page.tsx
  • next-ts/app/(admin)/admin/(workspace)/students/page.tsx
  • next-ts/app/(admin)/admin/layout.tsx
  • next-ts/app/(admin)/admin/page.tsx
  • next-ts/app/(admin)/admin/style.ts
  • next-ts/app/(dashboard)/admin/(protected)/layout.tsx
  • next-ts/app/(dashboard)/admin/layout.tsx
  • next-ts/app/(public)/layout.tsx
  • next-ts/app/(student)/layout.tsx
  • next-ts/app/layout.tsx
  • next-ts/src/components/AuthGuard/index.tsx
  • next-ts/src/lib/utils/axiosInstance.ts
  • next-ts/src/providers/auth-provider/index.tsx
💤 Files with no reviewable changes (6)
  • next-ts/app/(admin)/admin/(workspace)/courses/page.tsx
  • next-ts/app/(admin)/admin/(workspace)/students/page.tsx
  • next-ts/app/(admin)/admin/(workspace)/applications/page.tsx
  • next-ts/app/(admin)/admin/(workspace)/settings/page.tsx
  • next-ts/app/(dashboard)/admin/layout.tsx
  • next-ts/app/(dashboard)/admin/(protected)/layout.tsx
✅ Files skipped from review due to trivial changes (5)
  • next-ts/app/(admin)/admin/layout.tsx
  • next-ts/app/(public)/layout.tsx
  • next-ts/app/(admin)/admin/(workspace)/layout.tsx
  • next-ts/app/layout.tsx
  • bugs.md

Comment thread next-ts/app/(admin)/admin/page.tsx
Comment thread next-ts/app/(student)/layout.tsx
Comment thread next-ts/src/lib/utils/axiosInstance.ts
Comment thread next-ts/src/providers/auth-provider/index.tsx
@blebelo

blebelo commented Jun 5, 2026

Copy link
Copy Markdown
Owner Author

@CodeRabbit resolve

@coderabbitai

coderabbitai Bot commented Jun 5, 2026

Copy link
Copy Markdown
Contributor
✅ Action performed

Comments resolved. Approval is disabled; enable reviews.request_changes_workflow to allow explicit top-level @coderabbitai resolve or @coderabbitai approve commands.

@mblebelo mblebelo left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All checks passed and conversations resolved ✅

@blebelo blebelo merged commit 66ad296 into main Jun 5, 2026
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

enhancement New feature or request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants