From dc3dea87f8f4b0090f333f61dd72571e489aa3ef Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 12 Oct 2024 16:22:02 +0200
Subject: [PATCH 01/18] Passing JWT to REST API, still messy code

---
 orval.config.js                               | 10 +++++
 src/app/actions.ts                            | 16 ++++++++
 src/app/apps/layout.tsx                       | 19 ++++++----
 src/app/apps/page.tsx                         | 22 ++++++++---
 .../generated/swagger/public/public.ts        | 37 +++++--------------
 src/components/Account/index.tsx              |  1 +
 src/custom-fetch.ts                           | 22 +++++++++++
 7 files changed, 86 insertions(+), 41 deletions(-)
 create mode 100644 src/custom-fetch.ts

diff --git a/orval.config.js b/orval.config.js
index 03628ec..dcd8913 100644
--- a/orval.config.js
+++ b/orval.config.js
@@ -1,6 +1,10 @@
 import { defineConfig } from "orval";
 import dotenv from "dotenv";
 
+/**
+ * See https://orval.dev/
+ */
+
 dotenv.config();
 
 export default defineConfig({
@@ -11,6 +15,12 @@ export default defineConfig({
       schemas: "src/badgehub-api-client/generated/models",
       client: "fetch",
       baseUrl: process.env.BADGEHUB_API_BASEURL || "https://api-staging.badgehub.nl",
+      override: {
+        mutator: {
+          path: './src/custom-fetch.ts',
+          name: 'customFetch',
+        },
+      },
     },
 
     input: {
diff --git a/src/app/actions.ts b/src/app/actions.ts
index a3c7f24..e3a5fad 100644
--- a/src/app/actions.ts
+++ b/src/app/actions.ts
@@ -3,10 +3,26 @@
 import {getApps, getCategories, getDevices} from "@/badgehub-api-client/generated/swagger/public/public";
 import {GetAppsParams} from "@/badgehub-api-client/generated/models";
 
+let token = "";
+
+
 export async function getAppData(searchParams: GetAppsParams) {
+
     return Promise.all([
         getApps(searchParams),
         getCategories(),
         getDevices(),
     ]);
+}
+
+export async function setToken(tokenIn: string) {
+    console.log('### setToken', tokenIn);
+
+    token = tokenIn;
+}
+
+export async function getToken() {
+    console.log('### getToken', token);
+
+    return token;
 }
\ No newline at end of file
diff --git a/src/app/apps/layout.tsx b/src/app/apps/layout.tsx
index 5360b8f..ef587ec 100644
--- a/src/app/apps/layout.tsx
+++ b/src/app/apps/layout.tsx
@@ -1,11 +1,16 @@
-import { LayoutProps } from "../../../.next/types/app/layout";
+"use client"
+
+import {SessionProvider} from "next-auth/react";
+import {LayoutProps} from "../../../.next/types/app/layout";
 import styles from "./layout.module.css";
 
 export default function AppsListingLayout(props: LayoutProps) {
-  return (
-    <main>
-      <h1 className={styles.title}>Apps</h1>
-      {props.children}
-    </main>
-  );
+    return (
+        <main>
+            <h1 className={styles.title}>Apps</h1>
+            <SessionProvider>
+                {props.children}
+            </SessionProvider>
+        </main>
+    );
 }
diff --git a/src/app/apps/page.tsx b/src/app/apps/page.tsx
index e5cb330..82ed3f5 100644
--- a/src/app/apps/page.tsx
+++ b/src/app/apps/page.tsx
@@ -1,7 +1,7 @@
 "use client"
 
 import {AppList} from "@/components/AppList";
-import {SessionProvider} from "next-auth/react";
+import {SessionProvider, useSession} from "next-auth/react";
 import {LoginButton} from "@/components/LoginButton";
 import {useEffect, useState} from "react";
 import {
@@ -9,7 +9,7 @@ import {
     getCategoriesResponse,
     getDevicesResponse
 } from "@/badgehub-api-client/generated/swagger/public/public";
-import {getAppData} from "../actions";
+import {getAppData, setToken} from "../actions";
 
 export interface SearchParams {
     category: string;
@@ -19,16 +19,26 @@ export interface SearchParams {
 export default function Listing({ searchParams }: {
     searchParams: Partial<SearchParams>;
 }) {
+    const {data: session, status} = useSession();
+
+    const token = (session as any)?.accessToken;
+
+    console.log("### Listing", (session as any)?.accessToken);
+    setToken(token);
+
     const [data, setData] = useState<[getAppsResponse, getCategoriesResponse, getDevicesResponse] | null>(null);
 
     useEffect(() => {
-        getAppData(searchParams).then((data) => setData(data));
-    }, [searchParams]);
+        (async () => {
+            // await setToken((session as any)?.accessToken);
+            getAppData(searchParams).then((data) => setData(data));
+        })();
+    }, [searchParams, token]);
 
     return (
-        <SessionProvider>
+        <>
             <LoginButton/>
             {data ? <AppList data={data}/> : <p>Loading new data...</p>}
-        </SessionProvider>
+        </>
     );
 }
diff --git a/src/badgehub-api-client/generated/swagger/public/public.ts b/src/badgehub-api-client/generated/swagger/public/public.ts
index 05fc02b..6d6273d 100644
--- a/src/badgehub-api-client/generated/swagger/public/public.ts
+++ b/src/badgehub-api-client/generated/swagger/public/public.ts
@@ -12,6 +12,7 @@ import type {
   Device,
   GetAppsParams
 } from '../../models'
+import { customFetch } from '../../../../custom-fetch';
 
 /**
  * Get list of devices (badges)
@@ -29,19 +30,14 @@ export const getGetDevicesUrl = () => {
 
 export const getDevices = async ( options?: RequestInit): Promise<getDevicesResponse> => {
   
-  const res = await fetch(getGetDevicesUrl(),
+  return customFetch<Promise<getDevicesResponse>>(getGetDevicesUrl(),
   {      
     ...options,
     method: 'GET'
     
     
   }
-
-  )
-  const data = await res.json()
-
-  return { status: res.status, data }
-}
+);}
 
 
 /**
@@ -60,19 +56,14 @@ export const getGetCategoriesUrl = () => {
 
 export const getCategories = async ( options?: RequestInit): Promise<getCategoriesResponse> => {
   
-  const res = await fetch(getGetCategoriesUrl(),
+  return customFetch<Promise<getCategoriesResponse>>(getGetCategoriesUrl(),
   {      
     ...options,
     method: 'GET'
     
     
   }
-
-  )
-  const data = await res.json()
-
-  return { status: res.status, data }
-}
+);}
 
 
 /**
@@ -100,19 +91,14 @@ export const getGetAppsUrl = (params?: GetAppsParams,) => {
 
 export const getApps = async (params?: GetAppsParams, options?: RequestInit): Promise<getAppsResponse> => {
   
-  const res = await fetch(getGetAppsUrl(params),
+  return customFetch<Promise<getAppsResponse>>(getGetAppsUrl(params),
   {      
     ...options,
     method: 'GET'
     
     
   }
-
-  )
-  const data = await res.json()
-
-  return { status: res.status, data }
-}
+);}
 
 
 /**
@@ -131,18 +117,13 @@ export const getGetAppDetailsUrl = (slug: string,) => {
 
 export const getAppDetails = async (slug: string, options?: RequestInit): Promise<getAppDetailsResponse> => {
   
-  const res = await fetch(getGetAppDetailsUrl(slug),
+  return customFetch<Promise<getAppDetailsResponse>>(getGetAppDetailsUrl(slug),
   {      
     ...options,
     method: 'GET'
     
     
   }
-
-  )
-  const data = await res.json()
-
-  return { status: res.status, data }
-}
+);}
 
 
diff --git a/src/components/Account/index.tsx b/src/components/Account/index.tsx
index a6c4287..a37c3d4 100644
--- a/src/components/Account/index.tsx
+++ b/src/components/Account/index.tsx
@@ -20,6 +20,7 @@ export function Account() {
 
     return <>
         <h1>Account</h1>
+        <p>Token: {(session as any)?.accessToken}</p>
         {html}
     </>;
 }
\ No newline at end of file
diff --git a/src/custom-fetch.ts b/src/custom-fetch.ts
new file mode 100644
index 0000000..c267b4c
--- /dev/null
+++ b/src/custom-fetch.ts
@@ -0,0 +1,22 @@
+import {getToken} from "@/app/actions";
+
+export const customFetch = async <T>(
+    url: string,
+    options: RequestInit,
+): Promise<T> => {
+
+    const token = await getToken();
+
+    console.log('### customFetch token', token);
+
+    const customOptions: RequestInit = {
+        ...options,
+        headers: [["Authorization", `Bearer ${token}`]],
+    };
+
+    const request = new Request(url, customOptions);
+    const response = await fetch(request);
+    const data = await response.json();
+
+    return { status: response.status, data } as T;
+};
\ No newline at end of file

From 38ea3da6b1d21c42bf0cf050be3f90e5d8aa6922 Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 12 Oct 2024 22:19:49 +0200
Subject: [PATCH 02/18] Setting token needs more work

---
 src/app/apps/page.tsx | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/src/app/apps/page.tsx b/src/app/apps/page.tsx
index 82ed3f5..c640447 100644
--- a/src/app/apps/page.tsx
+++ b/src/app/apps/page.tsx
@@ -20,20 +20,19 @@ export default function Listing({ searchParams }: {
     searchParams: Partial<SearchParams>;
 }) {
     const {data: session, status} = useSession();
+    const [data, setData] = useState<[getAppsResponse, getCategoriesResponse, getDevicesResponse] | null>(null);
 
     const token = (session as any)?.accessToken;
 
-    console.log("### Listing", (session as any)?.accessToken);
-    setToken(token);
+    // console.log("### Listing", (session as any)?.accessToken);
 
-    const [data, setData] = useState<[getAppsResponse, getCategoriesResponse, getDevicesResponse] | null>(null);
+    // TODO: rewrite
+    // TODO: first self sign?
+    setToken(token);
 
     useEffect(() => {
-        (async () => {
-            // await setToken((session as any)?.accessToken);
-            getAppData(searchParams).then((data) => setData(data));
-        })();
-    }, [searchParams, token]);
+        getAppData(searchParams).then((data) => setData(data));
+    }, [searchParams]);
 
     return (
         <>

From d49a47bd96e9e1b66537fb225c75254f48c2f3ef Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sun, 13 Oct 2024 14:41:34 +0200
Subject: [PATCH 03/18] Cleanup some async code

---
 src/app/apps/page.tsx | 24 +++++++++++++-----------
 1 file changed, 13 insertions(+), 11 deletions(-)

diff --git a/src/app/apps/page.tsx b/src/app/apps/page.tsx
index c640447..1d56350 100644
--- a/src/app/apps/page.tsx
+++ b/src/app/apps/page.tsx
@@ -19,20 +19,22 @@ export interface SearchParams {
 export default function Listing({ searchParams }: {
     searchParams: Partial<SearchParams>;
 }) {
-    const {data: session, status} = useSession();
+    const {data: session} = useSession();
     const [data, setData] = useState<[getAppsResponse, getCategoriesResponse, getDevicesResponse] | null>(null);
 
-    const token = (session as any)?.accessToken;
-
-    // console.log("### Listing", (session as any)?.accessToken);
-
-    // TODO: rewrite
-    // TODO: first self sign?
-    setToken(token);
-
     useEffect(() => {
-        getAppData(searchParams).then((data) => setData(data));
-    }, [searchParams]);
+        async function getData() {
+            const token = (session as any)?.accessToken;
+            console.log("### token", `${token.substring(0, 10)}...`);
+            if (token) {
+                await setToken(token);
+            }
+            const data = await getAppData(searchParams);
+            setData(data);
+        }
+
+        getData();
+    }, [searchParams, session]);
 
     return (
         <>

From 4fdba29bfeb52cebe3d65efa0b02450c978c8230 Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Fri, 18 Oct 2024 09:23:07 +0200
Subject: [PATCH 04/18] Test jwt verification

---
 package-lock.json                             | 26 +++++++++--
 package.json                                  |  1 +
 src/app/actions.ts                            |  1 +
 src/app/apps/page.tsx                         |  8 ++--
 .../generated/models/app.ts                   |  2 +-
 .../generated/models/appDetails.ts            |  2 +-
 .../generated/models/category.ts              |  2 +-
 .../generated/models/device.ts                |  2 +-
 .../generated/models/getAppDetails404.ts      |  2 +-
 .../generated/models/getAppsParams.ts         |  2 +-
 .../generated/models/index.ts                 |  2 +-
 .../generated/swagger/public/public.ts        | 18 ++++----
 src/components/Account/index.tsx              | 45 +++++++++++++++++--
 src/custom-fetch.ts                           | 32 +++++++------
 14 files changed, 105 insertions(+), 40 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 1cb76e6..4e395a1 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -21,6 +21,7 @@
         "clsx": "^2.1.1",
         "eslint": "^8.57.1",
         "eslint-config-next": "^14.2.15",
+        "jose": "^5.9.4",
         "orval": "^7.0.1",
         "prettier": "3.3.3",
         "typescript": "^5"
@@ -4835,9 +4836,10 @@
       }
     },
     "node_modules/jose": {
-      "version": "4.15.9",
-      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.9.tgz",
-      "integrity": "sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==",
+      "version": "5.9.4",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.4.tgz",
+      "integrity": "sha512-WBBl6au1qg6OHj67yCffCgFR3BADJBXN8MdRvCgJDuMv3driV2nHr7jdGvaKX9IolosAsn+M0XRArqLXUhyJHQ==",
+      "dev": true,
       "license": "MIT",
       "funding": {
         "url": "https://github.com/sponsors/panva"
@@ -5335,6 +5337,15 @@
         }
       }
     },
+    "node_modules/next-auth/node_modules/jose": {
+      "version": "4.15.9",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.9.tgz",
+      "integrity": "sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==",
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
     "node_modules/nimma": {
       "version": "0.2.2",
       "resolved": "https://registry.npmjs.org/nimma/-/nimma-0.2.2.tgz",
@@ -5757,6 +5768,15 @@
         "url": "https://github.com/sponsors/panva"
       }
     },
+    "node_modules/openid-client/node_modules/jose": {
+      "version": "4.15.9",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.9.tgz",
+      "integrity": "sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==",
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
     "node_modules/optionator": {
       "version": "0.9.4",
       "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.4.tgz",
diff --git a/package.json b/package.json
index f2afb22..a6178bf 100644
--- a/package.json
+++ b/package.json
@@ -26,6 +26,7 @@
     "clsx": "^2.1.1",
     "eslint": "^8.57.1",
     "eslint-config-next": "^14.2.15",
+    "jose": "^5.9.4",
     "orval": "^7.0.1",
     "prettier": "3.3.3",
     "typescript": "^5"
diff --git a/src/app/actions.ts b/src/app/actions.ts
index 7cc3d22..3139cf1 100644
--- a/src/app/actions.ts
+++ b/src/app/actions.ts
@@ -10,6 +10,7 @@ import { GetAppsParams } from "@/badgehub-api-client/generated/models";
 let token = "";
 
 export async function getAppData(searchParams: GetAppsParams) {
+  console.log("getAppData searchParams", searchParams);
   return Promise.all([getApps(searchParams), getCategories(), getDevices()]);
 }
 
diff --git a/src/app/apps/page.tsx b/src/app/apps/page.tsx
index b2181fd..d5eba9a 100644
--- a/src/app/apps/page.tsx
+++ b/src/app/apps/page.tsx
@@ -29,12 +29,14 @@ export default function Listing({
   useEffect(() => {
     async function getData() {
       const token = (session as any)?.accessToken;
-      console.log("### token", `${token.substring(0, 10)}...`);
+      console.log("### token", `${token?.substring(0, 10)}...`);
       if (token) {
         await setToken(token);
       }
-      const data = await getAppData(searchParams);
-      setData(data);
+      if (token) {
+        const data = await getAppData(searchParams);
+        setData(data);
+      }
     }
 
     getData();
diff --git a/src/badgehub-api-client/generated/models/app.ts b/src/badgehub-api-client/generated/models/app.ts
index fdaf687..b636277 100644
--- a/src/badgehub-api-client/generated/models/app.ts
+++ b/src/badgehub-api-client/generated/models/app.ts
@@ -1,5 +1,5 @@
 /**
- * Generated by orval v7.0.1 🍺
+ * Generated by orval v7.1.1 🍺
  * Do not edit manually.
  * badgehub-api
  * Node project for the BadgeHub API
diff --git a/src/badgehub-api-client/generated/models/appDetails.ts b/src/badgehub-api-client/generated/models/appDetails.ts
index 2ac848a..ae64f5a 100644
--- a/src/badgehub-api-client/generated/models/appDetails.ts
+++ b/src/badgehub-api-client/generated/models/appDetails.ts
@@ -1,5 +1,5 @@
 /**
- * Generated by orval v7.0.1 🍺
+ * Generated by orval v7.1.1 🍺
  * Do not edit manually.
  * badgehub-api
  * Node project for the BadgeHub API
diff --git a/src/badgehub-api-client/generated/models/category.ts b/src/badgehub-api-client/generated/models/category.ts
index 55ac000..693cd8c 100644
--- a/src/badgehub-api-client/generated/models/category.ts
+++ b/src/badgehub-api-client/generated/models/category.ts
@@ -1,5 +1,5 @@
 /**
- * Generated by orval v7.0.1 🍺
+ * Generated by orval v7.1.1 🍺
  * Do not edit manually.
  * badgehub-api
  * Node project for the BadgeHub API
diff --git a/src/badgehub-api-client/generated/models/device.ts b/src/badgehub-api-client/generated/models/device.ts
index abaabd5..3ea9b80 100644
--- a/src/badgehub-api-client/generated/models/device.ts
+++ b/src/badgehub-api-client/generated/models/device.ts
@@ -1,5 +1,5 @@
 /**
- * Generated by orval v7.0.1 🍺
+ * Generated by orval v7.1.1 🍺
  * Do not edit manually.
  * badgehub-api
  * Node project for the BadgeHub API
diff --git a/src/badgehub-api-client/generated/models/getAppDetails404.ts b/src/badgehub-api-client/generated/models/getAppDetails404.ts
index e79c91f..a0dd5eb 100644
--- a/src/badgehub-api-client/generated/models/getAppDetails404.ts
+++ b/src/badgehub-api-client/generated/models/getAppDetails404.ts
@@ -1,5 +1,5 @@
 /**
- * Generated by orval v7.0.1 🍺
+ * Generated by orval v7.1.1 🍺
  * Do not edit manually.
  * badgehub-api
  * Node project for the BadgeHub API
diff --git a/src/badgehub-api-client/generated/models/getAppsParams.ts b/src/badgehub-api-client/generated/models/getAppsParams.ts
index 0fe9a71..c8169b0 100644
--- a/src/badgehub-api-client/generated/models/getAppsParams.ts
+++ b/src/badgehub-api-client/generated/models/getAppsParams.ts
@@ -1,5 +1,5 @@
 /**
- * Generated by orval v7.0.1 🍺
+ * Generated by orval v7.1.1 🍺
  * Do not edit manually.
  * badgehub-api
  * Node project for the BadgeHub API
diff --git a/src/badgehub-api-client/generated/models/index.ts b/src/badgehub-api-client/generated/models/index.ts
index 9056a0b..91a3aca 100644
--- a/src/badgehub-api-client/generated/models/index.ts
+++ b/src/badgehub-api-client/generated/models/index.ts
@@ -1,5 +1,5 @@
 /**
- * Generated by orval v7.0.1 🍺
+ * Generated by orval v7.1.1 🍺
  * Do not edit manually.
  * badgehub-api
  * Node project for the BadgeHub API
diff --git a/src/badgehub-api-client/generated/swagger/public/public.ts b/src/badgehub-api-client/generated/swagger/public/public.ts
index f965ba6..e0c8227 100644
--- a/src/badgehub-api-client/generated/swagger/public/public.ts
+++ b/src/badgehub-api-client/generated/swagger/public/public.ts
@@ -1,5 +1,5 @@
 /**
- * Generated by orval v7.0.1 🍺
+ * Generated by orval v7.1.1 🍺
  * Do not edit manually.
  * badgehub-api
  * Node project for the BadgeHub API
@@ -25,7 +25,7 @@ export type getDevicesResponse = {
 export const getGetDevicesUrl = () => {
 
 
-  return `https://api-staging.badgehub.nl/api/v3/devices`
+  return `http://localhost:8001/api/v3/devices`
 }
 
 export const getDevices = async ( options?: RequestInit): Promise<getDevicesResponse> => {
@@ -51,7 +51,7 @@ export type getCategoriesResponse = {
 export const getGetCategoriesUrl = () => {
 
 
-  return `https://api-staging.badgehub.nl/api/v3/categories`
+  return `http://localhost:8001/api/v3/categories`
 }
 
 export const getCategories = async ( options?: RequestInit): Promise<getCategoriesResponse> => {
@@ -75,18 +75,16 @@ export type getAppsResponse = {
 }
 
 export const getGetAppsUrl = (params?: GetAppsParams,) => {
-
   const normalizedParams = new URLSearchParams();
 
   Object.entries(params || {}).forEach(([key, value]) => {
-    if (value === null) {
-      normalizedParams.append(key, 'null');
-    } else if (value !== undefined) {
-      normalizedParams.append(key, value.toString());
+    
+    if (value !== undefined) {
+      normalizedParams.append(key, value === null ? 'null' : value.toString())
     }
   });
 
-  return normalizedParams.size ? `https://api-staging.badgehub.nl/api/v3/apps?${normalizedParams.toString()}` : `https://api-staging.badgehub.nl/api/v3/apps`
+  return normalizedParams.size ? `http://localhost:8001/api/v3/apps?${normalizedParams.toString()}` : `http://localhost:8001/api/v3/apps`
 }
 
 export const getApps = async (params?: GetAppsParams, options?: RequestInit): Promise<getAppsResponse> => {
@@ -112,7 +110,7 @@ export type getAppDetailsResponse = {
 export const getGetAppDetailsUrl = (slug: string,) => {
 
 
-  return `https://api-staging.badgehub.nl/api/v3/apps/${slug}`
+  return `http://localhost:8001/api/v3/apps/${slug}`
 }
 
 export const getAppDetails = async (slug: string, options?: RequestInit): Promise<getAppDetailsResponse> => {
diff --git a/src/components/Account/index.tsx b/src/components/Account/index.tsx
index 0892b07..4eca89b 100644
--- a/src/components/Account/index.tsx
+++ b/src/components/Account/index.tsx
@@ -1,5 +1,44 @@
-import { signIn, signOut, useSession } from "next-auth/react";
-import styles from "@/components/LoginButton/LoginButton.module.css";
+import { useSession } from "next-auth/react";
+import * as jose from "jose";
+
+// async function verify() {
+//   console.log("run verify()");
+//
+//   const token =
+//     "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJsRTVzX1JiTGZkVzFMQk9Hdl9RNE1MZktoRmJVNXJ6dkZsVEc4UGZyQzVzIn0.eyJleHAiOjE3Mjg5OTY4OTksImlhdCI6MTcyODk5NjU5OSwiYXV0aF90aW1lIjoxNzI4OTk2NTk5LCJqdGkiOiI0NGU3NmI3ZS01MDdjLTRhYTQtOTcwYS0yNDA1M2QxNjVlNjMiLCJpc3MiOiJodHRwczovL2xlbXVyLTExLmNsb3VkLWlhbS5jb20vYXV0aC9yZWFsbXMvYmFkZ2VodWIiLCJhdWQiOlsicmVhbG0tbWFuYWdlbWVudCIsImFjY291bnQiXSwic3ViIjoiNjhiNmFiZjgtNjBhNC00MWFlLTlmMTQtYTc3ZmQ2M2EwMjA3IiwidHlwIjoiQmVhcmVyIiwiYXpwIjoiYmFkZ2VodWIiLCJzaWQiOiIxNDExYzZhNi0wMWUxLTQ4ODMtOGMxYS1mYzZjMzk1OGYxYWIiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHA6Ly9sb2NhbGhvc3Q6MzAwMC8qIiwiLyoiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwiZGVmYXVsdC1yb2xlcy1iYWRnZWh1YiIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsicmVhbG0tbWFuYWdlbWVudCI6eyJyb2xlcyI6WyJ2aWV3LWlkZW50aXR5LXByb3ZpZGVycyIsInZpZXctcmVhbG0iLCJtYW5hZ2UtaWRlbnRpdHktcHJvdmlkZXJzIiwiaW1wZXJzb25hdGlvbiIsInJlYWxtLWFkbWluIiwiY3JlYXRlLWNsaWVudCIsIm1hbmFnZS11c2VycyIsInF1ZXJ5LXJlYWxtcyIsInZpZXctYXV0aG9yaXphdGlvbiIsInF1ZXJ5LWNsaWVudHMiLCJxdWVyeS11c2VycyIsIm1hbmFnZS1ldmVudHMiLCJtYW5hZ2UtcmVhbG0iLCJ2aWV3LWV2ZW50cyIsInZpZXctdXNlcnMiLCJ2aWV3LWNsaWVudHMiLCJtYW5hZ2UtYXV0aG9yaXphdGlvbiIsIm1hbmFnZS1jbGllbnRzIiwicXVlcnktZ3JvdXBzIl19LCJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6Im9wZW5pZCBlbWFpbCBwcm9maWxlIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsIm5hbWUiOiJiYWRnZWh1YiBBZG1pbmlzdHJhdG9yIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJnaXZlbl9uYW1lIjoiYmFkZ2VodWIiLCJmYW1pbHlfbmFtZSI6IkFkbWluaXN0cmF0b3IiLCJlbWFpbCI6ImFkbWluQGVtYWlsLmNvbSJ9.Hl2ZlD95F565_wJE6J9IbcBJbJGqroLF6Z8q8_7hrFc3n8g0xPhcRngL0Qo1TrZqK2lM5MIDSgBm-l_Ei5Xg2NEs2qqpMBioaTudSz5Na3REk8fhLgCeae1W58LWmH7cI6Cbi05NQr4LGrFBmziHxXLAqcUvqXqQgmKL6QHNYt7Sp6nuJQWdnqyJG2D7xGnL6K6-B6tkqnE6OlzXoqcWuY8zXpuSwv1ptyjF6W6_dxRRPzAnI9DyOaYrjcfTgaZ31GXo4p30vUfX_0j26yqzyLJOTN6DBvGMvo_y8nHPt1ku7knfNouO6w5V0tnPcIReQpflZcy5rDqa0FhZIgthlA";
+//
+//   // const pubkey = new TextEncoder().encode(
+//   //   "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW3sdwzFuuZdDg1WJ2aTbvGTfJHPQsyhcT3AlI0J8kSO5i2b10svFNnqYU3LZHC5Arhgv+IEi0bSQOOE5WKX2y7LHVhZADvKu5XtvQ1MGT9Q0h9LqXyugiIGCMAfS8k97iMYJ4OIrfzElmiFlgAzGiATNrRVdGWieX02L5EFxEl5ovFszQ+eg0gmT9+QkQBz3+XteJIrETYhZT5YZY39XMvU45gm0vzkoX36R65VyhKQteYYEbcR4jL49Vs7BZ4O7EUTiF58Ag+XqLpV+W32B/Let/GNjIIV3WUA0Yq2jXeTnufVkKkv0m5E9ogE+gov4o/FDBMIz972+iNuq1u+WwIDAQAB",
+//   // );
+//
+//   const alg = "RS256";
+//
+//   try {
+//     console.log("importSPKI");
+//     //   const spki = `-----BEGIN PUBLIC KEY-----
+//     // MIMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW3sdwzFuuZdDg1WJ2aTbvGTfJHPQsyhcT3AlI0J8kSO5i2b10svFNnqYU3LZHC5Arhgv+IEi0bSQOOE5WKX2y7LHVhZADvKu5XtvQ1MGT9Q0h9LqXyugiIGCMAfS8k97iMYJ4OIrfzElmiFlgAzGiATNrRVdGWieX02L5EFxEl5ovFszQ+eg0gmT9+QkQBz3+XteJIrETYhZT5YZY39XMvU45gm0vzkoX36R65VyhKQteYYEbcR4jL49Vs7BZ4O7EUTiF58Ag+XqLpV+W32B/Let/GNjIIV3WUA0Yq2jXeTnufVkKkv0m5E9ogE+gov4o/FDBMIz972+iNuq1u+WwIDAQAB
+//     // -----END PUBLIC KEY-----`;
+//     // const publicKey = await jose.importSPKI(spki, alg);
+//
+//     // jwk from pasting jwt in https://jwt.io/
+//     const jwk = {
+//       e: "AQAB",
+//       kty: "RSA",
+//       n: "rW3sdwzFuuZdDg1WJ2aTbvGTfJHPQsyhcT3AlI0J8kSO5i2b10svFNnqYU3LZHC5Arhgv-IEi0bSQOOE5WKX2y7LHVhZADvKu5XtvQ1MGT9Q0h9LqXyugiIGCMAfS8k97iMYJ4OIrfzElmiFlgAzGiATNrRVdGWieX02L5EFxEl5ovFszQ-eg0gmT9-QkQBz3-XteJIrETYhZT5YZY39XMvU45gm0vzkoX36R65VyhKQteYYEbcR4jL49Vs7BZ4O7EUTiF58Ag-XqLpV-W32B_Let_GNjIIV3WUA0Yq2jXeTnufVkKkv0m5E9ogE-gov4o_FDBMIz972-iNuq1u-Ww",
+//     };
+//     const publicKey = await jose.importJWK(jwk, alg);
+//     console.log("start verification");
+//     const { payload, protectedHeader } = await jose.jwtVerify(token, publicKey);
+//     console.log("result", payload, protectedHeader);
+//   } catch (error) {
+//     console.error(error);
+//   }
+// }
+
+// function verifySync() {
+//   verify();
+//   return <p>Verification...</p>;
+// }
 
 export function Account() {
   const { data: session, status } = useSession();
@@ -21,7 +60,7 @@ export function Account() {
   return (
     <>
       <h1>Account</h1>
-      <p>Token: {(session as any)?.accessToken}</p>
+      <p>JWT: {(session as any)?.accessToken}</p>
       {html}
     </>
   );
diff --git a/src/custom-fetch.ts b/src/custom-fetch.ts
index c267b4c..bac7dbc 100644
--- a/src/custom-fetch.ts
+++ b/src/custom-fetch.ts
@@ -1,22 +1,26 @@
-import {getToken} from "@/app/actions";
+"use server";
+
+import { getToken } from "@/app/actions";
 
 export const customFetch = async <T>(
-    url: string,
-    options: RequestInit,
+  url: string,
+  options: RequestInit,
 ): Promise<T> => {
+  const token = await getToken();
+
+  const customOptions: RequestInit = {
+    ...options,
+    headers: [["Authorization", `Bearer ${token}`]],
+  };
 
-    const token = await getToken();
+  console.log("customFetch url", url);
 
-    console.log('### customFetch token', token);
+  const request = new Request(url, customOptions);
 
-    const customOptions: RequestInit = {
-        ...options,
-        headers: [["Authorization", `Bearer ${token}`]],
-    };
+  console.log("customFetch request", request);
 
-    const request = new Request(url, customOptions);
-    const response = await fetch(request);
-    const data = await response.json();
+  const response = await fetch(request);
+  const data = await response.json();
 
-    return { status: response.status, data } as T;
-};
\ No newline at end of file
+  return { status: response.status, data } as T;
+};

From 5f0c6e0d5f4882c175f0e67d90497a6622577b47 Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Wed, 6 Nov 2024 15:06:37 +0100
Subject: [PATCH 05/18] Background was off in light mode+

---
 src/app/apps/page.tsx                     | 9 +++++----
 src/app/globals.css                       | 2 ++
 src/components/AppList/AppList.module.css | 2 +-
 3 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/app/apps/page.tsx b/src/app/apps/page.tsx
index d5eba9a..6fcc5f3 100644
--- a/src/app/apps/page.tsx
+++ b/src/app/apps/page.tsx
@@ -33,10 +33,11 @@ export default function Listing({
       if (token) {
         await setToken(token);
       }
-      if (token) {
-        const data = await getAppData(searchParams);
-        setData(data);
-      }
+      // Disable authentication
+      // if (token) {
+      const data = await getAppData(searchParams);
+      setData(data);
+      // }
     }
 
     getData();
diff --git a/src/app/globals.css b/src/app/globals.css
index 0d8f720..4262fd2 100644
--- a/src/app/globals.css
+++ b/src/app/globals.css
@@ -6,6 +6,7 @@
     "Fira Mono", "Droid Sans Mono", "Courier New", monospace;
 
   --foreground-rgb: 0, 0, 0;
+  --shade-rgb: 200, 200, 200;
   --background-start-rgb: 214, 219, 220;
   --background-end-rgb: 255, 255, 255;
 
@@ -43,6 +44,7 @@
 @media (prefers-color-scheme: dark) {
   :root {
     --foreground-rgb: 255, 255, 255;
+    --shade-rgb: 50, 50, 50;
     --background-start-rgb: 0, 0, 0;
     --background-end-rgb: 60, 60, 60;
 
diff --git a/src/components/AppList/AppList.module.css b/src/components/AppList/AppList.module.css
index 0f2b1c5..e32a95a 100644
--- a/src/components/AppList/AppList.module.css
+++ b/src/components/AppList/AppList.module.css
@@ -1,7 +1,7 @@
 .appCard {
   border: 1px solid #666;
   border-radius: 8px;
-  background-color: #333;
+  background-color: rgb(var(--shade-rgb));
   padding: 30px;
   margin-bottom: 20px;
 }

From 4b85ff62aa2dc8c441229b4fc1a498ee179da4ac Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 4 Jan 2025 14:15:03 +0100
Subject: [PATCH 06/18] Disable authentication

---
 src/app/apps/page.tsx | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/app/apps/page.tsx b/src/app/apps/page.tsx
index 6fcc5f3..e924160 100644
--- a/src/app/apps/page.tsx
+++ b/src/app/apps/page.tsx
@@ -33,11 +33,8 @@ export default function Listing({
       if (token) {
         await setToken(token);
       }
-      // Disable authentication
-      // if (token) {
       const data = await getAppData(searchParams);
       setData(data);
-      // }
     }
 
     getData();

From 1688cfb243db237647996fbdfdf69a7b7fee1e8e Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 4 Jan 2025 17:06:31 +0100
Subject: [PATCH 07/18] Updated generated files from swagger

---
 .../generated/models/category.ts              |   3 +-
 .../generated/swagger/private/private.ts      | 272 +++++++++++++++++-
 .../generated/swagger/public/public.ts        | 133 ++++++++-
 3 files changed, 389 insertions(+), 19 deletions(-)

diff --git a/src/badgehub-api-client/generated/models/category.ts b/src/badgehub-api-client/generated/models/category.ts
index 693cd8c..6c3a22a 100644
--- a/src/badgehub-api-client/generated/models/category.ts
+++ b/src/badgehub-api-client/generated/models/category.ts
@@ -5,8 +5,9 @@
  * Node project for the BadgeHub API
  * OpenAPI spec version: 3
  */
+import type { AppCategoryName } from './appCategoryName';
 
 export interface Category {
-  name: string;
+  name: AppCategoryName;
   slug: string;
 }
diff --git a/src/badgehub-api-client/generated/swagger/private/private.ts b/src/badgehub-api-client/generated/swagger/private/private.ts
index 322868b..8e5053c 100644
--- a/src/badgehub-api-client/generated/swagger/private/private.ts
+++ b/src/badgehub-api-client/generated/swagger/private/private.ts
@@ -6,27 +6,115 @@
  * OpenAPI spec version: 3
  */
 import type {
-  Device
+  DbInsertAppMetadataJSONPartial,
+  ProjectProps,
+  ProjectPropsPartial,
+  ProjectSlug,
+  Uint8Array,
+  UserProps,
+  WriteFileBody
 } from '../../models'
 import { fetchWithBaseUrl } from '../../../../fetch-from-api';
 
 /**
- * Get list of devices (badges)
+ * Create a new app
  */
-export type getDevicesResponse = {
-  data: Device[];
+export type createAppResponse = {
+  data: void;
   status: number;
 }
 
-export const getGetDevicesUrl = () => {
+export const getCreateAppUrl = (slug: ProjectSlug,) => {
 
 
-  return `/api-private/v3/devices`
+  return `/api/v3/apps/${slug}`
 }
 
-export const getDevices = async ( options?: RequestInit): Promise<getDevicesResponse> => {
+export const createApp = async (slug: ProjectSlug,
+    projectProps: ProjectProps, options?: RequestInit): Promise<createAppResponse> => {
   
-  return fetchWithBaseUrl<Promise<getDevicesResponse>>(getGetDevicesUrl(),
+  return fetchWithBaseUrl<Promise<createAppResponse>>(getCreateAppUrl(slug),
+  {      
+    ...options,
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json', ...options?.headers },
+    body: JSON.stringify(
+      projectProps,)
+  }
+);}
+
+
+/**
+ * Create a new app
+ */
+export type deleteAppResponse = {
+  data: void;
+  status: number;
+}
+
+export const getDeleteAppUrl = (slug: ProjectSlug,) => {
+
+
+  return `/api/v3/apps/${slug}`
+}
+
+export const deleteApp = async (slug: ProjectSlug, options?: RequestInit): Promise<deleteAppResponse> => {
+  
+  return fetchWithBaseUrl<Promise<deleteAppResponse>>(getDeleteAppUrl(slug),
+  {      
+    ...options,
+    method: 'DELETE'
+    
+    
+  }
+);}
+
+
+/**
+ * Create a new app
+ */
+export type updateAppResponse = {
+  data: void;
+  status: number;
+}
+
+export const getUpdateAppUrl = (slug: ProjectSlug,) => {
+
+
+  return `/api/v3/apps/${slug}`
+}
+
+export const updateApp = async (slug: ProjectSlug,
+    projectPropsPartial: ProjectPropsPartial, options?: RequestInit): Promise<updateAppResponse> => {
+  
+  return fetchWithBaseUrl<Promise<updateAppResponse>>(getUpdateAppUrl(slug),
+  {      
+    ...options,
+    method: 'PATCH',
+    headers: { 'Content-Type': 'application/json', ...options?.headers },
+    body: JSON.stringify(
+      projectPropsPartial,)
+  }
+);}
+
+
+/**
+ * get the latest draft version of the app in zip format
+ */
+export type getLatestPublishedZipResponse = {
+  data: Uint8Array;
+  status: number;
+}
+
+export const getGetLatestPublishedZipUrl = (slug: string,) => {
+
+
+  return `/api/v3/apps/${slug}/draft/zip`
+}
+
+export const getLatestPublishedZip = async (slug: string, options?: RequestInit): Promise<getLatestPublishedZipResponse> => {
+  
+  return fetchWithBaseUrl<Promise<getLatestPublishedZipResponse>>(getGetLatestPublishedZipUrl(slug),
   {      
     ...options,
     method: 'GET'
@@ -36,3 +124,171 @@ export const getDevices = async ( options?: RequestInit): Promise<getDevicesResp
 );}
 
 
+/**
+ * Create a new user
+ */
+export type insertUserResponse = {
+  data: void;
+  status: number;
+}
+
+export const getInsertUserUrl = (userId: number,) => {
+
+
+  return `/api/v3/users/${userId}`
+}
+
+export const insertUser = async (userId: number,
+    userProps: UserProps, options?: RequestInit): Promise<insertUserResponse> => {
+  
+  return fetchWithBaseUrl<Promise<insertUserResponse>>(getInsertUserUrl(userId),
+  {      
+    ...options,
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json', ...options?.headers },
+    body: JSON.stringify(
+      userProps,)
+  }
+);}
+
+
+/**
+ * Upload a file to the latest draft version of the project.
+ */
+export type writeFileResponse = {
+  data: void;
+  status: number;
+}
+
+export const getWriteFileUrl = (slug: string,
+    filePath: string,) => {
+
+
+  return `/api/v3/apps/${slug}/draft/files/${filePath}`
+}
+
+export const writeFile = async (slug: string,
+    filePath: string,
+    writeFileBody: WriteFileBody, options?: RequestInit): Promise<writeFileResponse> => {
+  
+  return fetchWithBaseUrl<Promise<writeFileResponse>>(getWriteFileUrl(slug,filePath),
+  {      
+    ...options,
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json', ...options?.headers },
+    body: JSON.stringify(
+      writeFileBody,)
+  }
+);}
+
+
+/**
+ * get the latest draft version of the project.
+ */
+export type getDraftFileResponse = {
+  data: Uint8Array;
+  status: number;
+}
+
+export const getGetDraftFileUrl = (slug: string,
+    filePath: string,) => {
+
+
+  return `/api/v3/apps/${slug}/draft/files/${filePath}`
+}
+
+export const getDraftFile = async (slug: string,
+    filePath: string, options?: RequestInit): Promise<getDraftFileResponse> => {
+  
+  return fetchWithBaseUrl<Promise<getDraftFileResponse>>(getGetDraftFileUrl(slug,filePath),
+  {      
+    ...options,
+    method: 'GET'
+    
+    
+  }
+);}
+
+
+/**
+ * Change the metadata of the latest draft version of the project.
+ */
+export type changeAppMetadataResponse = {
+  data: void;
+  status: number;
+}
+
+export const getChangeAppMetadataUrl = (slug: string,) => {
+
+
+  return `/api/v3/apps/${slug}/draft/metadata`
+}
+
+export const changeAppMetadata = async (slug: string,
+    dbInsertAppMetadataJSONPartial: DbInsertAppMetadataJSONPartial, options?: RequestInit): Promise<changeAppMetadataResponse> => {
+  
+  return fetchWithBaseUrl<Promise<changeAppMetadataResponse>>(getChangeAppMetadataUrl(slug),
+  {      
+    ...options,
+    method: 'PATCH',
+    headers: { 'Content-Type': 'application/json', ...options?.headers },
+    body: JSON.stringify(
+      dbInsertAppMetadataJSONPartial,)
+  }
+);}
+
+
+/**
+ * Upload a file to the latest draft version of the project.
+ */
+export type writeZipResponse = {
+  data: void;
+  status: number;
+}
+
+export const getWriteZipUrl = (slug: string,) => {
+
+
+  return `/api/v3/apps/${slug}/draft/zip`
+}
+
+export const writeZip = async (slug: string,
+    uint8Array: Uint8Array, options?: RequestInit): Promise<writeZipResponse> => {
+  
+  return fetchWithBaseUrl<Promise<writeZipResponse>>(getWriteZipUrl(slug),
+  {      
+    ...options,
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json', ...options?.headers },
+    body: JSON.stringify(
+      uint8Array,)
+  }
+);}
+
+
+/**
+ * Publish the latest draft version
+ */
+export type publishVersionResponse = {
+  data: void;
+  status: number;
+}
+
+export const getPublishVersionUrl = (slug: string,) => {
+
+
+  return `/api/v3/apps/${slug}/publish`
+}
+
+export const publishVersion = async (slug: string, options?: RequestInit): Promise<publishVersionResponse> => {
+  
+  return fetchWithBaseUrl<Promise<publishVersionResponse>>(getPublishVersionUrl(slug),
+  {      
+    ...options,
+    method: 'PATCH'
+    
+    
+  }
+);}
+
+
diff --git a/src/badgehub-api-client/generated/swagger/public/public.ts b/src/badgehub-api-client/generated/swagger/public/public.ts
index d523c10..7bab505 100644
--- a/src/badgehub-api-client/generated/swagger/public/public.ts
+++ b/src/badgehub-api-client/generated/swagger/public/public.ts
@@ -6,13 +6,40 @@
  * OpenAPI spec version: 3
  */
 import type {
-  App,
-  AppDetails,
+  Badge,
   Category,
-  GetAppsParams
+  GetAppsParams,
+  Project,
+  Uint8Array
 } from '../../models'
 import { fetchWithBaseUrl } from '../../../../fetch-from-api';
 
+/**
+ * Get list of devices (badges)
+ */
+export type getDevicesResponse = {
+  data: Badge[];
+  status: number;
+}
+
+export const getGetDevicesUrl = () => {
+
+
+  return `/api/v3/devices`
+}
+
+export const getDevices = async ( options?: RequestInit): Promise<getDevicesResponse> => {
+  
+  return fetchWithBaseUrl<Promise<getDevicesResponse>>(getGetDevicesUrl(),
+  {      
+    ...options,
+    method: 'GET'
+    
+    
+  }
+);}
+
+
 /**
  * Get list of categories
  */
@@ -40,10 +67,10 @@ export const getCategories = async ( options?: RequestInit): Promise<getCategori
 
 
 /**
- * Get list of apps, optionally limited by page start/length and/or filtered by category
+ * Get list of apps, optionally limited by page start/length and/or filtered by categorySlug
  */
 export type getAppsResponse = {
-  data: App[];
+  data: Project[];
   status: number;
 }
 
@@ -75,20 +102,106 @@ export const getApps = async (params?: GetAppsParams, options?: RequestInit): Pr
 /**
  * Get app details
  */
-export type getAppDetailsResponse = {
-  data: AppDetails;
+export type getAppResponse = {
+  data: Project;
   status: number;
 }
 
-export const getGetAppDetailsUrl = (slug: string,) => {
+export const getGetAppUrl = (slug: string,) => {
 
 
   return `/api/v3/apps/${slug}`
 }
 
-export const getAppDetails = async (slug: string, options?: RequestInit): Promise<getAppDetailsResponse> => {
+export const getApp = async (slug: string, options?: RequestInit): Promise<getAppResponse> => {
+  
+  return fetchWithBaseUrl<Promise<getAppResponse>>(getGetAppUrl(slug),
+  {      
+    ...options,
+    method: 'GET'
+    
+    
+  }
+);}
+
+
+/**
+ * get the latest published version of a file in the project
+ */
+export type getLatestPublishedFileResponse = {
+  data: Uint8Array;
+  status: number;
+}
+
+export const getGetLatestPublishedFileUrl = (slug: string,
+    filePath: string,) => {
+
+
+  return `/api/v3/apps/${slug}/files/latest/${filePath}`
+}
+
+export const getLatestPublishedFile = async (slug: string,
+    filePath: string, options?: RequestInit): Promise<getLatestPublishedFileResponse> => {
+  
+  return fetchWithBaseUrl<Promise<getLatestPublishedFileResponse>>(getGetLatestPublishedFileUrl(slug,filePath),
+  {      
+    ...options,
+    method: 'GET'
+    
+    
+  }
+);}
+
+
+/**
+ * get a file for a specific version of the project
+ */
+export type getFileForVersionResponse = {
+  data: Uint8Array;
+  status: number;
+}
+
+export const getGetFileForVersionUrl = (slug: string,
+    revision: number,
+    filePath: string,) => {
+
+
+  return `/api/v3/apps/${slug}/files/rev${revision}/${filePath}`
+}
+
+export const getFileForVersion = async (slug: string,
+    revision: number,
+    filePath: string, options?: RequestInit): Promise<getFileForVersionResponse> => {
+  
+  return fetchWithBaseUrl<Promise<getFileForVersionResponse>>(getGetFileForVersionUrl(slug,revision,filePath),
+  {      
+    ...options,
+    method: 'GET'
+    
+    
+  }
+);}
+
+
+/**
+ * get the app zip for a specific version of the project
+ */
+export type getZipForVersionResponse = {
+  data: Uint8Array;
+  status: number;
+}
+
+export const getGetZipForVersionUrl = (slug: string,
+    revision: number,) => {
+
+
+  return `/api/v3/apps/${slug}/zip/rev${revision}`
+}
+
+export const getZipForVersion = async (slug: string,
+    revision: number, options?: RequestInit): Promise<getZipForVersionResponse> => {
   
-  return fetchWithBaseUrl<Promise<getAppDetailsResponse>>(getGetAppDetailsUrl(slug),
+  return fetchWithBaseUrl<Promise<getZipForVersionResponse>>(getGetZipForVersionUrl(slug,revision),
   {      
     ...options,
     method: 'GET'

From 24a8c0ba1bc5b1d131fd51062cfadd681af91196 Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 4 Jan 2025 17:07:00 +0100
Subject: [PATCH 08/18] Show where swagger is coming from

---
 orval.config.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/orval.config.ts b/orval.config.ts
index ab0b23b..1f81720 100644
--- a/orval.config.ts
+++ b/orval.config.ts
@@ -9,6 +9,11 @@ dotenv.config();
 
 const baseUrl =
   process.env.BADGEHUB_API_BASEURL || "https://api-staging.badgehub.nl";
+
+const swaggerUrl = `${baseUrl}/swagger.json`;
+
+console.log("Reading swagger from", swaggerUrl);
+
 export default defineConfig({
   badgehub: {
     output: {
@@ -26,7 +31,7 @@ export default defineConfig({
     },
 
     input: {
-      target: `${baseUrl}/swagger.json`,
+      target: swaggerUrl,
     },
   },
 });

From fa3b2c494cbb120c2519fe55c50045424459cc76 Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 4 Jan 2025 17:07:29 +0100
Subject: [PATCH 09/18] Swager name change Badge -> Device

---
 src/components/Filter/index.tsx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/components/Filter/index.tsx b/src/components/Filter/index.tsx
index 4e570ce..344dbd3 100644
--- a/src/components/Filter/index.tsx
+++ b/src/components/Filter/index.tsx
@@ -3,11 +3,11 @@
 import styles from "./Filter.module.css";
 import { useRef } from "react";
 import { useSearchParams, useRouter } from "next/navigation";
-import { Category, Badge } from "@/badgehub-api-client/generated/models";
+import { Category, Device } from "@/badgehub-api-client/generated/models";
 
 type FilterProps = {
   categories: Category[];
-  devices: Badge[];
+  devices: Device[];
 };
 
 export function Filter({ categories, devices }: FilterProps) {

From 19199e6e79be3b0fc22a42d44589294217ecfe9c Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 4 Jan 2025 17:07:53 +0100
Subject: [PATCH 10/18] Inject Authorization header

---
 src/custom-fetch.ts   | 26 --------------------------
 src/fetch-from-api.ts | 22 +++++++++++++++++++---
 2 files changed, 19 insertions(+), 29 deletions(-)
 delete mode 100644 src/custom-fetch.ts

diff --git a/src/custom-fetch.ts b/src/custom-fetch.ts
deleted file mode 100644
index bac7dbc..0000000
--- a/src/custom-fetch.ts
+++ /dev/null
@@ -1,26 +0,0 @@
-"use server";
-
-import { getToken } from "@/app/actions";
-
-export const customFetch = async <T>(
-  url: string,
-  options: RequestInit,
-): Promise<T> => {
-  const token = await getToken();
-
-  const customOptions: RequestInit = {
-    ...options,
-    headers: [["Authorization", `Bearer ${token}`]],
-  };
-
-  console.log("customFetch url", url);
-
-  const request = new Request(url, customOptions);
-
-  console.log("customFetch request", request);
-
-  const response = await fetch(request);
-  const data = await response.json();
-
-  return { status: response.status, data } as T;
-};
diff --git a/src/fetch-from-api.ts b/src/fetch-from-api.ts
index cc91a9a..1b4d210 100644
--- a/src/fetch-from-api.ts
+++ b/src/fetch-from-api.ts
@@ -1,3 +1,7 @@
+"use server";
+
+import { getToken } from "@/app/actions";
+
 const getBody = <T>(c: Response | Request): Promise<T> => {
   const contentType = c.headers.get("content-type");
 
@@ -18,9 +22,21 @@ export const fetchWithBaseUrl = async <T>(
   url: string,
   options: RequestInit,
 ): Promise<T> => {
+  const token = await getToken();
+
   const requestUrl = getUrl(url);
-  const res = await fetch(requestUrl, options);
-  const data = await getBody(res);
 
-  return { status: res.status, data } as T;
+  const customOptions: RequestInit = {
+    ...options,
+    headers: new Headers({
+      Authorization: `Bearer ${token}`,
+    }),
+  };
+
+  const request = new Request(requestUrl, customOptions);
+
+  const response = await fetch(request);
+  const data = await getBody(response);
+
+  return { status: response.status, data } as T;
 };

From 882b3ffaa3c64e54fb686a946b281349d2210a69 Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 4 Jan 2025 17:15:39 +0100
Subject: [PATCH 11/18] Add rewrite for next.js comment

---
 src/app/actions.ts | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/app/actions.ts b/src/app/actions.ts
index 5df98a8..0e9894a 100644
--- a/src/app/actions.ts
+++ b/src/app/actions.ts
@@ -7,6 +7,17 @@ import {
   getDevices,
 } from "@/badgehub-api-client/generated/swagger/public/public";
 
+/**
+ * TODO: rewrite to Next.js conforming code.
+ *
+ * I don't think this is the right Next.js way to do this.
+ *
+ * With setToken, the token is set from the browser to the Next.js server.
+ * The server code can then read the token with getToken().
+ *
+ * It works, but it feels like a hack. Next.js has a way to handle this better, right?
+ */
+
 let token = "";
 
 export async function getAppData(searchParams: GetAppsParams) {

From 03bd0f1ae48a5675bf47e646582c2c3bd33ad5b6 Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 4 Jan 2025 17:30:26 +0100
Subject: [PATCH 12/18] Remove test code with expired tokens and pubkey

---
 src/components/Account/index.tsx | 40 --------------------------------
 1 file changed, 40 deletions(-)

diff --git a/src/components/Account/index.tsx b/src/components/Account/index.tsx
index 4eca89b..c412449 100644
--- a/src/components/Account/index.tsx
+++ b/src/components/Account/index.tsx
@@ -1,44 +1,4 @@
 import { useSession } from "next-auth/react";
-import * as jose from "jose";
-
-// async function verify() {
-//   console.log("run verify()");
-//
-//   const token =
-//     "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJsRTVzX1JiTGZkVzFMQk9Hdl9RNE1MZktoRmJVNXJ6dkZsVEc4UGZyQzVzIn0.eyJleHAiOjE3Mjg5OTY4OTksImlhdCI6MTcyODk5NjU5OSwiYXV0aF90aW1lIjoxNzI4OTk2NTk5LCJqdGkiOiI0NGU3NmI3ZS01MDdjLTRhYTQtOTcwYS0yNDA1M2QxNjVlNjMiLCJpc3MiOiJodHRwczovL2xlbXVyLTExLmNsb3VkLWlhbS5jb20vYXV0aC9yZWFsbXMvYmFkZ2VodWIiLCJhdWQiOlsicmVhbG0tbWFuYWdlbWVudCIsImFjY291bnQiXSwic3ViIjoiNjhiNmFiZjgtNjBhNC00MWFlLTlmMTQtYTc3ZmQ2M2EwMjA3IiwidHlwIjoiQmVhcmVyIiwiYXpwIjoiYmFkZ2VodWIiLCJzaWQiOiIxNDExYzZhNi0wMWUxLTQ4ODMtOGMxYS1mYzZjMzk1OGYxYWIiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbImh0dHA6Ly9sb2NhbGhvc3Q6MzAwMC8qIiwiLyoiXSwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwiZGVmYXVsdC1yb2xlcy1iYWRnZWh1YiIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsicmVhbG0tbWFuYWdlbWVudCI6eyJyb2xlcyI6WyJ2aWV3LWlkZW50aXR5LXByb3ZpZGVycyIsInZpZXctcmVhbG0iLCJtYW5hZ2UtaWRlbnRpdHktcHJvdmlkZXJzIiwiaW1wZXJzb25hdGlvbiIsInJlYWxtLWFkbWluIiwiY3JlYXRlLWNsaWVudCIsIm1hbmFnZS11c2VycyIsInF1ZXJ5LXJlYWxtcyIsInZpZXctYXV0aG9yaXphdGlvbiIsInF1ZXJ5LWNsaWVudHMiLCJxdWVyeS11c2VycyIsIm1hbmFnZS1ldmVudHMiLCJtYW5hZ2UtcmVhbG0iLCJ2aWV3LWV2ZW50cyIsInZpZXctdXNlcnMiLCJ2aWV3LWNsaWVudHMiLCJtYW5hZ2UtYXV0aG9yaXphdGlvbiIsIm1hbmFnZS1jbGllbnRzIiwicXVlcnktZ3JvdXBzIl19LCJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6Im9wZW5pZCBlbWFpbCBwcm9maWxlIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsIm5hbWUiOiJiYWRnZWh1YiBBZG1pbmlzdHJhdG9yIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJnaXZlbl9uYW1lIjoiYmFkZ2VodWIiLCJmYW1pbHlfbmFtZSI6IkFkbWluaXN0cmF0b3IiLCJlbWFpbCI6ImFkbWluQGVtYWlsLmNvbSJ9.Hl2ZlD95F565_wJE6J9IbcBJbJGqroLF6Z8q8_7hrFc3n8g0xPhcRngL0Qo1TrZqK2lM5MIDSgBm-l_Ei5Xg2NEs2qqpMBioaTudSz5Na3REk8fhLgCeae1W58LWmH7cI6Cbi05NQr4LGrFBmziHxXLAqcUvqXqQgmKL6QHNYt7Sp6nuJQWdnqyJG2D7xGnL6K6-B6tkqnE6OlzXoqcWuY8zXpuSwv1ptyjF6W6_dxRRPzAnI9DyOaYrjcfTgaZ31GXo4p30vUfX_0j26yqzyLJOTN6DBvGMvo_y8nHPt1ku7knfNouO6w5V0tnPcIReQpflZcy5rDqa0FhZIgthlA";
-//
-//   // const pubkey = new TextEncoder().encode(
-//   //   "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW3sdwzFuuZdDg1WJ2aTbvGTfJHPQsyhcT3AlI0J8kSO5i2b10svFNnqYU3LZHC5Arhgv+IEi0bSQOOE5WKX2y7LHVhZADvKu5XtvQ1MGT9Q0h9LqXyugiIGCMAfS8k97iMYJ4OIrfzElmiFlgAzGiATNrRVdGWieX02L5EFxEl5ovFszQ+eg0gmT9+QkQBz3+XteJIrETYhZT5YZY39XMvU45gm0vzkoX36R65VyhKQteYYEbcR4jL49Vs7BZ4O7EUTiF58Ag+XqLpV+W32B/Let/GNjIIV3WUA0Yq2jXeTnufVkKkv0m5E9ogE+gov4o/FDBMIz972+iNuq1u+WwIDAQAB",
-//   // );
-//
-//   const alg = "RS256";
-//
-//   try {
-//     console.log("importSPKI");
-//     //   const spki = `-----BEGIN PUBLIC KEY-----
-//     // MIMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW3sdwzFuuZdDg1WJ2aTbvGTfJHPQsyhcT3AlI0J8kSO5i2b10svFNnqYU3LZHC5Arhgv+IEi0bSQOOE5WKX2y7LHVhZADvKu5XtvQ1MGT9Q0h9LqXyugiIGCMAfS8k97iMYJ4OIrfzElmiFlgAzGiATNrRVdGWieX02L5EFxEl5ovFszQ+eg0gmT9+QkQBz3+XteJIrETYhZT5YZY39XMvU45gm0vzkoX36R65VyhKQteYYEbcR4jL49Vs7BZ4O7EUTiF58Ag+XqLpV+W32B/Let/GNjIIV3WUA0Yq2jXeTnufVkKkv0m5E9ogE+gov4o/FDBMIz972+iNuq1u+WwIDAQAB
-//     // -----END PUBLIC KEY-----`;
-//     // const publicKey = await jose.importSPKI(spki, alg);
-//
-//     // jwk from pasting jwt in https://jwt.io/
-//     const jwk = {
-//       e: "AQAB",
-//       kty: "RSA",
-//       n: "rW3sdwzFuuZdDg1WJ2aTbvGTfJHPQsyhcT3AlI0J8kSO5i2b10svFNnqYU3LZHC5Arhgv-IEi0bSQOOE5WKX2y7LHVhZADvKu5XtvQ1MGT9Q0h9LqXyugiIGCMAfS8k97iMYJ4OIrfzElmiFlgAzGiATNrRVdGWieX02L5EFxEl5ovFszQ-eg0gmT9-QkQBz3-XteJIrETYhZT5YZY39XMvU45gm0vzkoX36R65VyhKQteYYEbcR4jL49Vs7BZ4O7EUTiF58Ag-XqLpV-W32B_Let_GNjIIV3WUA0Yq2jXeTnufVkKkv0m5E9ogE-gov4o_FDBMIz972-iNuq1u-Ww",
-//     };
-//     const publicKey = await jose.importJWK(jwk, alg);
-//     console.log("start verification");
-//     const { payload, protectedHeader } = await jose.jwtVerify(token, publicKey);
-//     console.log("result", payload, protectedHeader);
-//   } catch (error) {
-//     console.error(error);
-//   }
-// }
-
-// function verifySync() {
-//   verify();
-//   return <p>Verification...</p>;
-// }
 
 export function Account() {
   const { data: session, status } = useSession();

From bc5449dc07a259cc504572937199ade15a575eb2 Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 4 Jan 2025 17:33:56 +0100
Subject: [PATCH 13/18] Remove commented code and console.logs

---
 src/app/actions.ts               |  8 +++-----
 src/app/apps/page.tsx            | 31 -------------------------------
 src/components/MainNav/index.tsx |  2 --
 3 files changed, 3 insertions(+), 38 deletions(-)

diff --git a/src/app/actions.ts b/src/app/actions.ts
index 0e9894a..11aa920 100644
--- a/src/app/actions.ts
+++ b/src/app/actions.ts
@@ -21,18 +21,16 @@ import {
 let token = "";
 
 export async function getAppData(searchParams: GetAppsParams) {
-  console.log("getAppData searchParams", searchParams);
+  // console.log("getAppData searchParams", searchParams);
   return Promise.all([getApps(searchParams), getCategories(), getDevices()]);
 }
 
 export async function setToken(tokenIn: string) {
-  console.log("### setToken", tokenIn);
-
+  // console.log("### setToken", tokenIn);
   token = tokenIn;
 }
 
 export async function getToken() {
-  console.log("### getToken", token);
-
+  // console.log("### getToken", token);
   return token;
 }
diff --git a/src/app/apps/page.tsx b/src/app/apps/page.tsx
index e924160..ab62433 100644
--- a/src/app/apps/page.tsx
+++ b/src/app/apps/page.tsx
@@ -29,7 +29,6 @@ export default function Listing({
   useEffect(() => {
     async function getData() {
       const token = (session as any)?.accessToken;
-      console.log("### token", `${token?.substring(0, 10)}...`);
       if (token) {
         await setToken(token);
       }
@@ -47,33 +46,3 @@ export default function Listing({
     </>
   );
 }
-
-// export default async function Listing({
-//                                           searchParams,
-//                                       }: {
-//     searchParams: Partial<SearchParams>;
-// }) {
-//     let data;
-//     try {
-//         data = await getAppData(searchParams);
-//     } catch (e) {
-//         if (!(e instanceof Error)) {
-//             return <p>Caught object that wasn&amp;t an error.</p>;
-//         }
-//         return (
-//             <>
-//                 <p>Error while rendering</p>
-//                 <code>
-//                     <pre>{JSON.stringify(e.message)}</pre>
-//                 </code>
-//             </>
-//         );
-//     }
-//
-//     return (
-//         <>
-//             <LoginButton />
-//             <AppList data={data} />
-//         </>
-//     );
-// }
diff --git a/src/components/MainNav/index.tsx b/src/components/MainNav/index.tsx
index 704454c..e4e0044 100644
--- a/src/components/MainNav/index.tsx
+++ b/src/components/MainNav/index.tsx
@@ -7,8 +7,6 @@ import clsx from "clsx";
 export function MainNav() {
   const pathname = usePathname();
 
-  console.log("pathname", pathname);
-
   return (
     <nav className={styles.mainNav}>
       <Link

From 20815658f091d74829cc6d290d2eab96c95a8ccd Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 4 Jan 2025 17:39:45 +0100
Subject: [PATCH 14/18] Update package lock file

---
 package-lock.json | 26 +++++++++++++++++++++++---
 1 file changed, 23 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index d8a3b72..d7ddb33 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -21,6 +21,7 @@
         "clsx": "^2.1.1",
         "eslint": "^8.57.1",
         "eslint-config-next": "^14.2.15",
+        "jose": "^5.9.4",
         "jsonpath-plus": "^10.1.0",
         "orval": "^7.0.1",
         "prettier": "3.3.3",
@@ -4844,9 +4845,10 @@
       }
     },
     "node_modules/jose": {
-      "version": "4.15.9",
-      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.9.tgz",
-      "integrity": "sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==",
+      "version": "5.9.6",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-5.9.6.tgz",
+      "integrity": "sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==",
+      "dev": true,
       "license": "MIT",
       "funding": {
         "url": "https://github.com/sponsors/panva"
@@ -5349,6 +5351,15 @@
         }
       }
     },
+    "node_modules/next-auth/node_modules/jose": {
+      "version": "4.15.9",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.9.tgz",
+      "integrity": "sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==",
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
     "node_modules/nimma": {
       "version": "0.2.3",
       "resolved": "https://registry.npmjs.org/nimma/-/nimma-0.2.3.tgz",
@@ -5759,6 +5770,15 @@
         "url": "https://github.com/sponsors/panva"
       }
     },
+    "node_modules/openid-client/node_modules/jose": {
+      "version": "4.15.9",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.9.tgz",
+      "integrity": "sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==",
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
     "node_modules/optionator": {
       "version": "0.9.4",
       "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.4.tgz",

From ab3f252f939f864a59d5184e841b8cf30cd6fd7a Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Sat, 4 Jan 2025 17:45:59 +0100
Subject: [PATCH 15/18] Fix TypeScript linting error

---
 src/app/apps/layout.tsx | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/app/apps/layout.tsx b/src/app/apps/layout.tsx
index 91caac0..f9d3028 100644
--- a/src/app/apps/layout.tsx
+++ b/src/app/apps/layout.tsx
@@ -1,14 +1,20 @@
 "use client";
 
 import { SessionProvider } from "next-auth/react";
-import { LayoutProps } from "../../../.next/types/app/layout";
 import styles from "./layout.module.css";
+import { ReactNode } from "react";
 
-export default function AppsListingLayout(props: LayoutProps) {
+type AppsListingLayoutProps = {
+  children: ReactNode;
+};
+
+export default function AppsListingLayout({
+  children,
+}: AppsListingLayoutProps) {
   return (
     <main>
       <h1 className={styles.title}>Apps</h1>
-      <SessionProvider>{props.children}</SessionProvider>
+      <SessionProvider>{children}</SessionProvider>
     </main>
   );
 }

From 7c75068a234a6246e8ff73cd2fd90e3d0c525ef8 Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Mon, 6 Jan 2025 21:21:11 +0100
Subject: [PATCH 16/18] Fix overwrite headers

---
 src/fetch-from-api.ts | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/fetch-from-api.ts b/src/fetch-from-api.ts
index 1b4d210..58a8d19 100644
--- a/src/fetch-from-api.ts
+++ b/src/fetch-from-api.ts
@@ -26,14 +26,15 @@ export const fetchWithBaseUrl = async <T>(
 
   const requestUrl = getUrl(url);
 
-  const customOptions: RequestInit = {
+  const headers = new Headers(options.headers);
+  headers.append("Authorization", `Bearer ${token}`);
+
+  const optionsWithAuth: RequestInit = {
     ...options,
-    headers: new Headers({
-      Authorization: `Bearer ${token}`,
-    }),
+    headers,
   };
 
-  const request = new Request(requestUrl, customOptions);
+  const request = new Request(requestUrl, optionsWithAuth);
 
   const response = await fetch(request);
   const data = await getBody(response);

From edaf6a34b1ba7e4f1b32f43f4c4602af6aecf635 Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Mon, 6 Jan 2025 21:28:25 +0100
Subject: [PATCH 17/18] Simplify code. Global token still necessary

---
 src/app/actions.ts    | 23 +++++------------------
 src/app/apps/page.tsx |  7 ++-----
 2 files changed, 7 insertions(+), 23 deletions(-)

diff --git a/src/app/actions.ts b/src/app/actions.ts
index 11aa920..73193de 100644
--- a/src/app/actions.ts
+++ b/src/app/actions.ts
@@ -7,29 +7,16 @@ import {
   getDevices,
 } from "@/badgehub-api-client/generated/swagger/public/public";
 
-/**
- * TODO: rewrite to Next.js conforming code.
- *
- * I don't think this is the right Next.js way to do this.
- *
- * With setToken, the token is set from the browser to the Next.js server.
- * The server code can then read the token with getToken().
- *
- * It works, but it feels like a hack. Next.js has a way to handle this better, right?
- */
-
 let token = "";
 
-export async function getAppData(searchParams: GetAppsParams) {
-  // console.log("getAppData searchParams", searchParams);
+export async function getAppData(
+  searchParams: GetAppsParams,
+  newToken: string,
+) {
+  token = newToken;
   return Promise.all([getApps(searchParams), getCategories(), getDevices()]);
 }
 
-export async function setToken(tokenIn: string) {
-  // console.log("### setToken", tokenIn);
-  token = tokenIn;
-}
-
 export async function getToken() {
   // console.log("### getToken", token);
   return token;
diff --git a/src/app/apps/page.tsx b/src/app/apps/page.tsx
index ab62433..6af9364 100644
--- a/src/app/apps/page.tsx
+++ b/src/app/apps/page.tsx
@@ -9,7 +9,7 @@ import {
   getCategoriesResponse,
   getDevicesResponse,
 } from "@/badgehub-api-client/generated/swagger/public/public";
-import { getAppData, setToken } from "../actions";
+import { getAppData } from "../actions";
 
 export interface SearchParams {
   category: string;
@@ -29,10 +29,7 @@ export default function Listing({
   useEffect(() => {
     async function getData() {
       const token = (session as any)?.accessToken;
-      if (token) {
-        await setToken(token);
-      }
-      const data = await getAppData(searchParams);
+      const data = await getAppData(searchParams, token);
       setData(data);
     }
 

From e4e8149877de1caa6426b116b8387e0ecc53ccc8 Mon Sep 17 00:00:00 2001
From: Edwin Martin <edwin@bitstorm.org>
Date: Mon, 6 Jan 2025 21:45:39 +0100
Subject: [PATCH 18/18] Get rid of global token

---
 src/app/actions.ts    | 25 ++++++++++++-------------
 src/fetch-from-api.ts | 16 +---------------
 2 files changed, 13 insertions(+), 28 deletions(-)

diff --git a/src/app/actions.ts b/src/app/actions.ts
index 73193de..c983bee 100644
--- a/src/app/actions.ts
+++ b/src/app/actions.ts
@@ -7,17 +7,16 @@ import {
   getDevices,
 } from "@/badgehub-api-client/generated/swagger/public/public";
 
-let token = "";
-
-export async function getAppData(
-  searchParams: GetAppsParams,
-  newToken: string,
-) {
-  token = newToken;
-  return Promise.all([getApps(searchParams), getCategories(), getDevices()]);
-}
-
-export async function getToken() {
-  // console.log("### getToken", token);
-  return token;
+export async function getAppData(searchParams: GetAppsParams, token: string) {
+  const headers = new Headers({
+    Authorization: `Bearer ${token}`,
+  });
+  const options: RequestInit = {
+    headers,
+  };
+  return Promise.all([
+    getApps(searchParams, options),
+    getCategories(options),
+    getDevices(options),
+  ]);
 }
diff --git a/src/fetch-from-api.ts b/src/fetch-from-api.ts
index 58a8d19..351934e 100644
--- a/src/fetch-from-api.ts
+++ b/src/fetch-from-api.ts
@@ -1,7 +1,5 @@
 "use server";
 
-import { getToken } from "@/app/actions";
-
 const getBody = <T>(c: Response | Request): Promise<T> => {
   const contentType = c.headers.get("content-type");
 
@@ -22,20 +20,8 @@ export const fetchWithBaseUrl = async <T>(
   url: string,
   options: RequestInit,
 ): Promise<T> => {
-  const token = await getToken();
-
   const requestUrl = getUrl(url);
-
-  const headers = new Headers(options.headers);
-  headers.append("Authorization", `Bearer ${token}`);
-
-  const optionsWithAuth: RequestInit = {
-    ...options,
-    headers,
-  };
-
-  const request = new Request(requestUrl, optionsWithAuth);
-
+  const request = new Request(requestUrl, options);
   const response = await fetch(request);
   const data = await getBody(response);