feat(admin-api): enable auth headers for admin api routes

[frdomovic]

feat(admin-api): enable auth headers for admin api routes

Summary

In this PR admin API routes were split into two different routers.
One router is protected routes which should be always protected, and unprotected routes which should not be protected when there are no root keys saved in the DID.

Unprotected routes:

• "/health" - to ping node when setting up the node URL
• "/fetch-challenge" - to be able to sign challenge in process of adding the root key
• "/root-key"- to be able to add the first root key

Once the DID has saved root_key, auth layer is also applied to unprotected routes.

Requires adding auth headers to calimero sdk and admin dashboard

Summary by CodeRabbit

• New Features

  • Added a constant APP_URL and functions for managing application endpoints in storage.ts.
  • Introduced functionality for creating authentication headers in auth/headers.ts.
  • Updated version from "0.0.22" to "0.0.23" in package.json.

• Refactor

  • Reorganized routing logic in admin/service.rs with new routers and function imports.
  • Updated interfaces in nodeApi.ts to include a contextId field.
  • Renamed and added variables in routing logic within admin/service.rs.

• Documentation

  • No alterations to exported or public entities in package.json and other files.

[coderabbitai]

Walkthrough

The changes encompass restructuring route logic in the crates/server/src/admin/service.rs file, updating interfaces in calimero-sdk, and enhancing functionalities related to authentication headers and storage management.

Changes

File	Change Summary
crates/server/src/admin/service.rs	Reorganized routing logic, introduced new routers, and imported a function from storage.
packages/calimero-sdk/package.json	Updated version from "0.0.20" to "0.0.23".
packages/calimero-sdk/src/api/nodeApi.ts	Added a new contextId field to LoginRequest and RootKeyRequest interfaces.
packages/calimero-sdk/src/auth/headers.ts	Added functionality for creating authentication headers and managing private keys.
packages/calimero-sdk/src/auth/index.ts	Exported functionality related to headers and Ed25519.
packages/calimero-sdk/src/index.ts	Added export for the new auth module.
packages/calimero-sdk/src/storage/storage.ts	Introduced new constants, functions, and operations for managing application endpoints and storage.

Poem

In code's dance, changes unfold,
Routes reimagined, stories retold.
Interfaces adorned with context anew,
Headers crafted, security ensue.
Storage whispers of keys and URLs,
A symphony of tech, a rabbit's cues. 🐇✨

---

Note

Summarized by CodeRabbit Free

Your organization is on the Free plan. CodeRabbit will generate a high-level summary and a walkthrough for each pull request. For a comprehensive line-by-line review, please upgrade your subscription to CodeRabbit Pro by visiting https://coderabbit.ai

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[xilosada]

@MatejVukosav are we ok with this?

[MatejVukosav]

This is not part of this PR.

[frdomovic]

Auth wrapper already has this context_id header check thats why adding this is needed.

[MatejVukosav]

Now, when I think more about it, I think it will not work. We don't know the context id during login. We only know the application id... and multiple contexts can use the same application

[frdomovic]

It will work when context id replaces application id. When this happens we can just put context id in envs of application e.g. only peers client.
Right now this works when you pass application id as context id and apart from checking if the header exists there are no other tests with context_id. This new field is only used in context details > client keys so it does not break anything else.

[MatejVukosav]

But you don't know context upfront

[frdomovic]

So what do you propose should be done?

[MatejVukosav]

Lets wait for Mira to deploy context and then we can check it. I think we will need to remove client keys from context and bring them to level of root keys, independent.

[frdomovic]

Okay

[frdomovic]

cc @miraclx

[frdomovic]

Tested the admin ui and it works

[MatejVukosav]

@MatejVukosav are we ok with this?

@xilosada not yet

[MatejVukosav]

Check if this will work across multiple calls. We had some issues with cloning store before but can't recall exactly what was it

[MatejVukosav]

Just test it all together

[xilosada]

🚀