Skip to content

feat: auto-fetch ngrok tunnel credentials from SyftHub#97

Merged
itstauq merged 4 commits intomainfrom
feat/auto-fetch-tunnel-credentials
Mar 4, 2026
Merged

feat: auto-fetch ngrok tunnel credentials from SyftHub#97
itstauq merged 4 commits intomainfrom
feat/auto-fetch-tunnel-credentials

Conversation

@itstauq
Copy link
Member

@itstauq itstauq commented Mar 3, 2026
edited
Loading

Summary

Since syft-space already authenticates with SyftHub during onboarding (register/login), we can leverage that session to fetch ngrok tunnel credentials automatically — removing the manual developer token input entirely and making the tunnel fully self-healing.

What changed:

  • SyftHubClient: added get_tunnel_credentials() method that calls GET /api/v1/users/me/tunnel-credentials to fetch a fresh (auth_token, domain) pair
  • ProxyService:
    • connect() is now the single public API — tries stored credentials from DB first, falls back to fetching fresh ones from SyftHub via a CredentialsProvider callback
    • _connect(token, domain) is the internal method for explicit credentials
    • Startup auto-connect only runs if a stored token exists (won't override explicit disconnect or custom URL mode)
    • _reconnect_loop is self-healing: on first reconnect failure per cycle, fetches fresh credentials from SyftHub, persists them, and retries immediately before exponential backoff
  • Settings handler: configure_proxy() delegates to proxy_service.connect() — no duplicated credential fallback logic. SyftHubError status codes (e.g. 401) are preserved so the frontend auth guard can trigger re-authentication
  • DB migration: renamed ngrok_username column to ngrok_domain (old username values are incompatible with the new flow where SyftHub returns the full domain)
  • Frontend onboarding: removed the developer token input field; selecting "Use a URL provided by SyftHub" now just works
  • Frontend settings: removed the manual Connect/Reconnect button; tunnel status is read-only. Save button triggers configureProxy() when switching to subdomain mode while disconnected

Test plan

  • Fresh install: onboarding → register/sign-in → select subdomain mode → complete setup → tunnel connects automatically (no token input)
  • Existing install (has old ngrok_username in DB): migration drops it, startup sees stored token but no domain → fetches fresh credentials from SyftHub → tunnel connects
  • Settings page: shows connection status as read-only (green/yellow dot, public URL), no manual connect button
  • Subdomain → custom: switch to custom URL → save → proxy disconnects, custom URL is set
  • Custom → subdomain: switch to subdomain → save → configureProxy() called → tunnel connects
  • App restart in subdomain mode: tunnel auto-reconnects using stored credentials
  • App restart in custom URL mode: no auto-connect (no stored token), custom URL preserved
  • Self-healing reconnect: kill ngrok connection → reconnect loop retries with stored creds → on failure, fetches fresh creds from SyftHub once → reconnects
  • SyftHub auth expired: configureProxy() returns 401 → frontend triggers re-auth flow

@itstauq
feat: auto-fetch ngrok tunnel credentials from SyftHub
9c4aa2c 
Instead of requiring users to manually paste an ngrok developer token
during onboarding and in settings, fetch tunnel credentials automatically
from SyftHub's GET /api/v1/users/me/tunnel-credentials endpoint.

Backend:
- Add get_tunnel_credentials() to SyftHubClient
- configure_proxy handler now fetches credentials from SyftHub
- proxy_service.connect() accepts domain directly (remove NGROK_DOMAIN_FORMAT)
- Remove ProxyConfigRequest schema and request body from POST /settings/proxy

Frontend:
- Remove developer token input from onboarding and settings pages
- configureProxy() sends POST with no body
- Add Connect/Reconnect button to settings proxy status panel
@itstauq itstauq requested a review from shubham3121 March 3, 2026 21:41
itstauq added 3 commits March 4, 2026 15:05
@itstauq
feat: rename ngrok_username to ngrok_domain, add self-healing reconne…
e9c5da3 
…ct, remove manual connect button

- Add Alembic migration to rename ngrok_username column to ngrok_domain
- Update Settings entity and repository to use ngrok_domain
- Add credentials-provider fallback to _reconnect_loop for self-healing
  at runtime (fetches fresh creds from SyftHub on first reconnect failure)
- Remove Connect/Reconnect button from SettingsPage (fully automatic)
@itstauq
fix: consolidate connect logic, preserve SyftHub error codes, prevent…
35de078 
… unintended auto-reconnect

- Rename connect(token, domain) to _connect() (internal), promote
  connect_with_fallback() to connect() as the public API
- Handler's configure_proxy() delegates to proxy_service.connect()
  instead of duplicating the stored→fresh credentials fallback
- Catch SyftHubError separately in handler to preserve status codes
  (e.g. 401) so frontend auth guard can trigger re-auth flow
- Skip auto-connect on startup when no stored token exists, preventing
  override of explicit disconnect or custom URL mode
- Fix Settings Save button: check !connected instead of !hasToken so
  disconnected tunnels can be re-triggered
@itstauq
fix: pre-fill custom URL with current origin in settings page
ef7aca0
@itstauq itstauq merged commit 6a4f2cd into main Mar 4, 2026
2 checks passed
@itstauq itstauq deleted the feat/auto-fetch-tunnel-credentials branch March 4, 2026 11:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shubham3121 shubham3121 Awaiting requested review from shubham3121

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@itstauq