feat(ui): add heartbeat agent with auth gating

Author: zachsmith1

cli/Cargo.toml

@@ -19,4 +19,4 @@ humantime = "2.1.0"
 hickory-server = "0.25.2"
 hickory-proto = "0.25.2"
 iroh-base.workspace = true
-z32 = "1.0.3"
+z32 = "1.0.3"

lib/src/config.rs

@@ -27,7 +27,7 @@ pub enum GatewayMode {
     Forward,
 }
 
-#[derive(Debug, Clone, Default, Serialize, Deserialize)]
+#[derive(Debug, Clone, Serialize, Deserialize)]
 #[serde(rename_all = "snake_case")]
 pub struct Config {
     /// The IPv4 address that the endpoint will listen on.
@@ -58,6 +58,9 @@ pub struct Config {
     #[serde(default)]
     pub dns_resolver: Option<SocketAddr>,
 
+    /// Enable the heartbeat agent for connector lease maintenance.
+    #[serde(default = "default_heartbeat_enabled")]
+    pub heartbeat_enabled: bool,
 }
 
 #[derive(Debug, Clone, Default, Serialize, Deserialize)]
@@ -70,6 +73,23 @@ pub struct GatewayConfig {
     pub gateway_mode: GatewayMode,
 }
 
+fn default_heartbeat_enabled() -> bool {
+    true
+}
+
+impl Default for Config {
+    fn default() -> Self {
+        Self {
+            ipv4_addr: None,
+            ipv6_addr: None,
+            discovery_mode: DiscoveryMode::default(),
+            dns_origin: None,
+            dns_resolver: None,
+            heartbeat_enabled: default_heartbeat_enabled(),
+        }
+    }
+}
+
 impl Config {
     pub async fn from_file(path: PathBuf) -> Result<Self> {
         let config = tokio::fs::read_to_string(path)

lib/src/datum_cloud/auth.rs

@@ -10,6 +10,7 @@ use openidconnect::{
     core::{CoreAuthenticationFlow, CoreClient, CoreProviderMetadata},
 };
 use serde::{Deserialize, Serialize};
+use tokio::sync::watch;
 use tracing::{debug, error, info, warn};
 
 use crate::Repo;
@@ -327,37 +328,54 @@ impl MaybeAuth {
 struct AuthStateWrapper {
     inner: Arc<ArcSwap<MaybeAuth>>,
     repo: Option<Repo>,
+    login_state_tx: watch::Sender<LoginState>,
 }
 
 impl AuthStateWrapper {
     fn empty() -> Self {
+        let (login_state_tx, _) = watch::channel(LoginState::Missing);
         Self {
             inner: Arc::new(ArcSwap::new(Default::default())),
             repo: None,
+            login_state_tx,
         }
     }
 
     async fn from_repo(repo: Repo) -> Result<Self> {
         let state = repo.read_oauth().await?;
+        let (login_state_tx, _) = watch::channel(login_state_for(state.as_ref()));
         Ok(Self {
             inner: Arc::new(ArcSwap::new(Arc::new(MaybeAuth(state)))),
             repo: Some(repo),
+            login_state_tx,
         })
     }
 
     fn load(&self) -> Arc<MaybeAuth> {
         self.inner.load_full()
     }
 
+    fn subscribe_login_state(&self) -> watch::Receiver<LoginState> {
+        self.login_state_tx.subscribe()
+    }
+
     async fn set(&self, auth: Option<AuthState>) -> Result<()> {
         if let Some(repo) = self.repo.as_ref() {
             repo.write_oauth(auth.as_ref()).await?;
         }
         self.inner.store(Arc::new(MaybeAuth(auth)));
+        let _ = self.login_state_tx.send(login_state_for(self.load().get().ok()));
         Ok(())
     }
 }
 
+fn login_state_for(auth: Option<&AuthState>) -> LoginState {
+    match auth {
+        None => LoginState::Missing,
+        Some(state) => state.tokens.login_state(),
+    }
+}
+
 #[derive(derive_more::Debug, Clone)]
 pub struct AuthClient {
     state: AuthStateWrapper,
@@ -394,6 +412,10 @@ impl AuthClient {
         self.state.load()
     }
 
+    pub fn login_state_watch(&self) -> watch::Receiver<LoginState> {
+        self.state.subscribe_login_state()
+    }
+
     pub async fn load_refreshed(&self) -> Result<Arc<MaybeAuth>> {
         let state = self.state.load();
         match state.get() {