timetracker

simonfranken/timetracker

Fork 0

Commit Graph

Author	SHA1	Message	Date
simon.franken	a7ab55932f	fix: review fixes for MCP and API key feature - Remove spurious ALTER TABLE client_targets DROP DEFAULT from migration (Prisma schema drift side-effect unrelated to this PR) - Surface revoke errors in ApiKeysPage UI via deleteApiKey.isError - Fix UpdateProjectInput.color type to allow null, removing unsafe cast in the update_project MCP tool handler	2026-03-16 15:35:06 +01:00
simon.franken	64211e6a49	feat: add MCP endpoint and API key management - Add ApiKey Prisma model (SHA-256 hash, prefix, lastUsedAt) with migration - Implement ApiKeyService (create, list, delete, verify) - Extend requireAuth middleware to accept sk_-prefixed API keys alongside JWTs - Add GET/POST /api-keys routes for creating and revoking keys - Add stateless Streamable HTTP MCP server at POST/GET /mcp exposing all 20 time-tracking tools (clients, projects, time entries, timer, statistics, client targets and corrections) - Frontend: ApiKey types, apiKeys API module, useApiKeys hook - Frontend: ApiKeysPage with key table, one-time raw-key reveal modal, and inline revoke confirmation - Wire /api-keys route and add API Keys link to Management dropdown in Navbar	2026-03-16 15:26:09 +01:00

Author

SHA1

Message

Date

simon.franken

a7ab55932f

fix: review fixes for MCP and API key feature

- Remove spurious ALTER TABLE client_targets DROP DEFAULT from migration
  (Prisma schema drift side-effect unrelated to this PR)
- Surface revoke errors in ApiKeysPage UI via deleteApiKey.isError
- Fix UpdateProjectInput.color type to allow null, removing unsafe cast
  in the update_project MCP tool handler

2026-03-16 15:35:06 +01:00

simon.franken

64211e6a49

feat: add MCP endpoint and API key management

- Add ApiKey Prisma model (SHA-256 hash, prefix, lastUsedAt) with migration
- Implement ApiKeyService (create, list, delete, verify)
- Extend requireAuth middleware to accept sk_-prefixed API keys alongside JWTs
- Add GET/POST /api-keys routes for creating and revoking keys
- Add stateless Streamable HTTP MCP server at POST/GET /mcp exposing all 20
  time-tracking tools (clients, projects, time entries, timer, statistics,
  client targets and corrections)
- Frontend: ApiKey types, apiKeys API module, useApiKeys hook
- Frontend: ApiKeysPage with key table, one-time raw-key reveal modal, and
  inline revoke confirmation
- Wire /api-keys route and add API Keys link to Management dropdown in Navbar

2026-03-16 15:26:09 +01:00

2 Commits