|
1 | | -# Twitch Panel Extension Implementation Plan |
2 | | - |
3 | | -## Purpose |
4 | | - |
5 | | -The Twitch panel extension acts as a compact RockList.Live client inside Twitch. It lets viewers work with the active channel playlist without using chat commands, and it lets the channel owner or channel moderators perform core playlist actions directly from the panel. |
6 | | - |
7 | | -## Current MVP Surface |
8 | | - |
9 | | -### Viewer capabilities |
10 | | - |
11 | | -- read the playlist without linking identity |
12 | | -- share Twitch identity from the panel |
13 | | -- search the channel-aware catalog |
14 | | -- add a regular request |
15 | | -- add a VIP request when the viewer has a spendable RockList.Live VIP token |
16 | | -- edit the current request |
17 | | -- remove the current request |
18 | | -- view VIP token balance and current request usage for the active channel |
19 | | - |
20 | | -### Owner and moderator capabilities |
21 | | - |
22 | | -- view the current queue in the panel |
23 | | -- set a queued song as current |
24 | | -- mark the current song as played |
25 | | -- delete a playlist item |
26 | | -- switch a request between regular and VIP when the channel permissions allow VIP-token management |
27 | | - |
28 | | -## Channel Access Model |
29 | | - |
30 | | -- The panel trusts only the verified Twitch Extension JWT. |
31 | | -- The active `channel_id` resolves the RockList.Live channel. |
32 | | -- The linked `user_id` resolves or creates the matching RockList.Live user by `twitchUserId`. |
33 | | -- The panel resolves access for the current channel as one of: |
34 | | - - `owner` |
35 | | - - `moderator` |
36 | | - - `viewer` |
37 | | -- Moderator access follows the channel's existing moderator capability settings. |
38 | | - |
39 | | -## Shared Services |
40 | | - |
41 | | -### Viewer request service |
42 | | - |
43 | | -Viewer request actions go through the shared viewer-request service. |
44 | | - |
45 | | -This keeps the same behavior for: |
46 | | - |
47 | | -- request-policy checks |
48 | | -- duplicate checks |
49 | | -- queue-limit checks |
50 | | -- VIP-token spending |
51 | | -- add, edit, and remove behavior |
52 | | - |
53 | | -### Playlist management service |
54 | | - |
55 | | -Owner and moderator playlist actions go through the shared playlist-management service. |
56 | | - |
57 | | -This keeps the same behavior for: |
58 | | - |
59 | | -- playlist mutation permissions |
60 | | -- queue mutation calls into the backend worker |
61 | | -- request-kind changes |
62 | | -- audit and actor attribution |
63 | | - |
64 | | -## API Surface |
65 | | - |
66 | | -### Bootstrap and viewer request routes |
67 | | - |
68 | | -- `GET /api/extension/bootstrap` |
69 | | -- `GET /api/extension/search` |
70 | | -- `POST /api/extension/request` |
71 | | -- `POST /api/extension/request/edit` |
72 | | -- `POST /api/extension/request/remove` |
73 | | - |
74 | | -### Playlist management route |
75 | | - |
76 | | -- `POST /api/extension/playlist` |
77 | | - |
78 | | -Supported playlist actions: |
79 | | - |
80 | | -- `setCurrent` |
81 | | -- `markPlayed` |
82 | | -- `deleteItem` |
83 | | -- `changeRequestKind` |
84 | | - |
85 | | -## Front-End Surface |
86 | | - |
87 | | -The panel UI lives in: |
88 | | - |
89 | | -- `src/extension/panel/index.html` |
90 | | -- `src/extension/panel/main.tsx` |
91 | | -- `src/extension/panel/app.tsx` |
92 | | - |
93 | | -The current panel UI includes: |
94 | | - |
95 | | -- compact header with channel title and linked-viewer summary |
96 | | -- playlist and search tabs |
97 | | -- dense queue rows with requester attribution and timestamps |
98 | | -- linked-viewer request highlighting |
99 | | -- transient success and error notices |
100 | | -- loading skeletons during Twitch helper auth and bootstrap |
101 | | -- inline remove confirmation for viewer-owned requests |
102 | | -- compact moderation controls on playlist rows for authorized users |
103 | | - |
104 | | -## Twitch Setup |
105 | | - |
106 | | -The Twitch extension version should use: |
107 | | - |
108 | | -- panel anchor |
109 | | -- request identity link enabled |
110 | | -- URL fetch allowlist for the app origin that serves `/api/extension/*` |
111 | | - |
112 | | -Local Test can point at: |
113 | | - |
114 | | -- the in-app route: `/extension/panel` |
115 | | -- or the standalone build artifact from `npm run build:extension:panel` |
116 | | - |
117 | | -## Hosted Test And Review |
118 | | - |
119 | | -The panel is ready for Local Test. Hosted Test and review still require the normal Twitch extension packaging and submission steps: |
120 | | - |
121 | | -- upload the built panel artifact |
122 | | -- confirm final allowlists |
123 | | -- confirm reviewer-facing assets and text |
124 | | -- validate the Hosted Test install flow on real test channels |
125 | | - |
126 | | -## Recommended MVP Rollout Checklist |
127 | | - |
128 | | -Before broader tester rollout, validate these flows with real Twitch accounts: |
129 | | - |
130 | | -- viewer, unlinked: |
131 | | - - panel loads |
132 | | - - playlist is readable |
133 | | - - write actions require identity share |
134 | | -- viewer, linked: |
135 | | - - search works |
136 | | - - regular request works |
137 | | - - VIP request works when balance is available |
138 | | - - edit and remove work |
139 | | -- channel owner: |
140 | | - - playlist actions appear |
141 | | - - play now, mark played, delete, and request-kind changes work |
142 | | -- channel moderator: |
143 | | - - playlist actions appear only when the channel settings allow them |
144 | | - - actions use the correct capability gates |
145 | | - |
146 | | -## Recommended Next Additions |
147 | | - |
148 | | -These items fit well after the first tester rollout, but they are not required for the MVP request loop: |
149 | | - |
150 | | -- optional link from the panel to the full playlist page on `rocklist.live` |
151 | | -- read-only blacklist and setlist visibility in the panel |
152 | | -- VIP token management tools in the panel |
153 | | -- blacklist and setlist management tools in the panel |
154 | | -- better cross-surface navigation between Twitch and the website |
155 | | - |
156 | | -## Website Auth Note |
157 | | - |
158 | | -The panel identity-share flow does not create a website session. |
159 | | - |
160 | | -If the panel opens `rocklist.live` in a new window: |
161 | | - |
162 | | -- the user is signed in on the website only when the browser already has the RockList.Live session cookie |
163 | | -- otherwise the website still requires the normal Twitch OAuth flow |
164 | | - |
165 | | -## Main Files |
166 | | - |
167 | | -- `src/lib/server/extension-auth.ts` |
168 | | -- `src/lib/server/extension-panel.ts` |
169 | | -- `src/lib/server/viewer-request.ts` |
170 | | -- `src/lib/server/playlist-management.ts` |
171 | | -- `src/routes/api/extension/bootstrap.ts` |
172 | | -- `src/routes/api/extension/search.ts` |
173 | | -- `src/routes/api/extension/request.ts` |
174 | | -- `src/routes/api/extension/request/edit.ts` |
175 | | -- `src/routes/api/extension/request/remove.ts` |
176 | | -- `src/routes/api/extension/playlist.ts` |
177 | | -- `src/extension/panel/app.tsx` |
178 | | -- `docs/twitch-panel-extension-local-test.md` |
| 1 | +# Twitch Panel Extension Architecture |
| 2 | + |
| 3 | +## Auth and channel resolution |
| 4 | + |
| 5 | +- The panel verifies the Twitch Extension JWT on the server. |
| 6 | +- `channel_id` resolves the RockList.Live channel. |
| 7 | +- Linked `user_id` resolves the matching RockList.Live user profile. |
| 8 | +- Access resolves as `owner`, `moderator`, or `viewer` for the active channel. |
| 9 | + |
| 10 | +## API surface |
| 11 | + |
| 12 | +- `GET /api/extension/bootstrap` |
| 13 | +- `GET /api/extension/search` |
| 14 | +- `POST /api/extension/request` |
| 15 | +- `POST /api/extension/request/edit` |
| 16 | +- `POST /api/extension/request/remove` |
| 17 | +- `POST /api/extension/playlist` |
| 18 | + |
| 19 | +## Shared behavior |
| 20 | + |
| 21 | +- `src/lib/server/extension-panel.ts` shapes bootstrap, live state, search, viewer request calls, and playlist management calls. |
| 22 | +- `src/lib/server/viewer-request.ts` enforces blocked-requester rules, request ownership, VIP token rules, and shared request policy checks. |
| 23 | +- `src/lib/request-policy.ts` applies blacklist, setlist, queue, and request-limit checks. |
| 24 | +- `src/lib/server/playlist-management.ts` enforces owner and moderator playlist permissions. |
| 25 | + |
| 26 | +## Search and request rules |
| 27 | + |
| 28 | +- The panel search applies channel request filters such as official-only, allowed tunings, and required parts. |
| 29 | +- The panel hides blacklisted search results when the channel blacklist is enabled. |
| 30 | +- The panel keeps playlist viewing available without identity sharing. |
| 31 | +- The panel requires linked identity for viewer request writes. |
| 32 | +- The panel keeps blocked viewers in a read-only request state. |
0 commit comments