glimpse2-runbook-scaffold-auth-webhooks-view
Val Town is a collaborative website to build and scale JavaScript apps.
Deploy APIs, crons, & store data β all from the browser, and deployed in milliseconds.
main.tsx
https://lightweight--01989ea8a08476a99edf1a65b50dd1cd.web.val.run
A Val Town application for managing and viewing demos with authentication.
- Authentication: Google OAuth via LastLogin
- Dashboard: User-friendly interface showing system status
- Health Monitoring: Real-time system health checks
- Modular Architecture: Clean separation of concerns
This application uses LastLogin for authentication:
- Login: Users sign in with their Google account
- Protected Routes: All routes require authentication except public endpoints
- Logout: Users can logout via
/auth/logout(handled automatically by LastLogin) - Session Management: Automatic session validation and renewal
The following routes are accessible without authentication:
/api/health- System health status
Routes are protected by different authentication mechanisms:
User Authentication (Google OAuth via LastLogin):
/- Main dashboard (shows user info and system status)/api/*- API endpoints (except health)/views/*- View routes
Webhook Authentication (X-API-KEY header):
/tasks/*- Webhook endpoints for external integrations (POST requests only)- GET requests to
/tasks/*are allowed without authentication for debug endpoints
- GET requests to
βββ backend/
β βββ controllers/ # Business logic controllers
β βββ routes/ # Route definitions
β β βββ api/ # API endpoints
β β βββ tasks/ # Task-related routes
β β βββ views/ # User-facing views
β β βββ authCheck.ts # Authentication middleware
β βββ services/ # External service integrations
βββ frontend/ # Frontend assets
βββ shared/ # Shared utilities
βββ main.tsx # Application entry point
The application is built with:
- Hono: Web framework for routing and middleware
- LastLogin: Authentication service
- TypeScript: Type-safe development
- Val Town: Hosting platform
The application supports webhook endpoints for external integrations (like Notion webhooks):
Set the webhook secret in your environment:
NOTION_WEBHOOK_SECRET=your-secret-key-here
POST /tasks/notion-webhook- Main webhook endpoint for Notion integrationsPOST /tasks/test- Test endpoint for webhook authenticationGET /tasks/debug-webhook- Debug endpoint to check webhook configuration
Webhook endpoints require the X-API-KEY header:
curl -X POST https://your-val.web.val.run/tasks/test \ -H "X-API-KEY: your-secret-key-here"
Use the webhook testing form in the dashboard:
- Navigate to your dashboard at
/ - Find the "Webhook Endpoint" section
- Enter your
NOTION_WEBHOOK_SECRETvalue - Click "Test Webhook" to verify authentication
Configure these environment variables for full functionality:
GLANCE_DEMOS_DB_ID- Notion database ID for demosGLANCE_CONTENT_DB_ID- Notion database ID for contentGLANCE_INTERACTIONS_DB_ID- Notion database ID for interactionsNOTION_API_KEY- Notion API key for database accessNOTION_WEBHOOK_SECRET- Secret key for webhook authentication