[GH#579] [MVP Task 16] Run end-to-end iRacing login validation #2

New issue

Open

opened 2026-05-19 22:15:15 +02:00 by Max · 0 comments

Max commented

2026-05-19 22:15:15 +02:00

Owner

Migrated from GitHub #579
Originally created by @Bio1988 on 2026-05-18T10:57:16Z

Phase 4, Task 16

Plan: docs/plans/2026-05-18-teammanager-iracing-login-mvp.md in Bio1988/strategy-desktop.

Depends on: #578
Server dependency: Bio1988/teammanager-server#9

Product decisions from Max (2026-05-18)

IRACING_CLIENT_SECRET, iRacing username/client identifier data, and IRACING_REDIRECT_URI will be provided as GitHub Secrets / deployment environment, not hard-coded.
Redirect URI is dynamic via env/secret so production and later variants can be changed without code changes.
DNS for api.teammanager.cc is still pending.
Desktop must never store OAuth access/refresh tokens. Use a random per-install pairing token locally; store OAuth tokens and pairing mapping in the server database.
No separate token-refresh cron/goroutine for MVP. Refresh opportunistically when users interact / before API calls; mark expired only when refresh fails.
IRACING_USERNAME is not required by the server and must not be part of required config.

Objective

Manually validate server + desktop OAuth flow from LoginPage through callback and desktop polling.

Scope

See plan task details; adjust implementation to the product decisions above.

Acceptance criteria

https://api.teammanager.cc/health returns 200.
Desktop opens iRacing auth URL.
Callback completes and desktop reaches connected state.
Skip and disconnect paths are validated.
Findings are documented in the issue/PR.

Notes

Keep race-critical logic local; this is sync/team integration only.
Desktop stores only a random pairing token / connection metadata, never iRacing OAuth tokens.

Parent: #573

Migrated from [GitHub #579](https://github.com/Bio1988/strategy-desktop/issues/579) Originally created by @Bio1988 on 2026-05-18T10:57:16Z --- ## Phase 4, Task 16 Plan: `docs/plans/2026-05-18-teammanager-iracing-login-mvp.md` in `Bio1988/strategy-desktop`. Depends on: #578 Server dependency: Bio1988/teammanager-server#9 ## Product decisions from Max (2026-05-18) - `IRACING_CLIENT_SECRET`, iRacing username/client identifier data, and `IRACING_REDIRECT_URI` will be provided as GitHub Secrets / deployment environment, not hard-coded. - Redirect URI is dynamic via env/secret so production and later variants can be changed without code changes. - DNS for `api.teammanager.cc` is still pending. - Desktop must never store OAuth access/refresh tokens. Use a random per-install pairing token locally; store OAuth tokens and pairing mapping in the server database. - No separate token-refresh cron/goroutine for MVP. Refresh opportunistically when users interact / before API calls; mark expired only when refresh fails. - `IRACING_USERNAME` is not required by the server and must not be part of required config. ## Objective Manually validate server + desktop OAuth flow from LoginPage through callback and desktop polling. ## Scope See plan task details; adjust implementation to the product decisions above. ## Acceptance criteria - `https://api.teammanager.cc/health` returns 200. - Desktop opens iRacing auth URL. - Callback completes and desktop reaches connected state. - Skip and disconnect paths are validated. - Findings are documented in the issue/PR. ## Notes - Keep race-critical logic local; this is sync/team integration only. - Desktop stores only a random pairing token / connection metadata, never iRacing OAuth tokens. Parent: #573

Max added the

labels

2026-05-19 22:15:15 +02:00