A Val Town application for managing and viewing demos with authentication.
- Authentication: Google OAuth via LastLogin
- Dashboard: User-friendly interface showing system status
- Health Monitoring: Real-time system health checks
- Modular Architecture: Clean separation of concerns
This application uses LastLogin for authentication:
- Login: Users sign in with their Google account
- Protected Routes: All routes require authentication except public endpoints
- Logout: Users can logout via
/auth/logout(handled automatically by LastLogin) - Session Management: Automatic session validation and renewal
The following routes are accessible without authentication:
/api/health- System health status
Routes are protected by different authentication mechanisms:
User Authentication (Google OAuth via LastLogin):
/- Main dashboard (shows user info and system status)/api/*- API endpoints (except health)/views/*- View routes including/views/glimpse/:id/glimpse/*- Shortcut routes including/glimpse/:id(equivalent to/views/glimpse/:id)
Webhook Authentication (X-API-KEY header):
/tasks/*- Webhook endpoints for external integrations (POST requests only)- GET requests to
/tasks/*are allowed without authentication for debug endpoints
- GET requests to
├── backend/
│ ├── controllers/ # Business logic controllers
│ ├── routes/ # Route definitions
│ │ ├── api/ # API endpoints
│ │ ├── glimpse/ # Shortcut glimpse routes
│ │ ├── tasks/ # Task-related routes
│ │ ├── views/ # User-facing views
│ │ └── authCheck.ts # Authentication middleware
│ └── services/ # External service integrations
├── frontend/ # Frontend assets
├── shared/ # Shared utilities
└── main.tsx # Application entry point
The application provides multiple routes for accessing page data:
GET /views/glimpse/:id- Get page data by Notion page ID
GET /glimpse/:id- Same functionality as above, shorter URL
GET /glimpse/login- Force authentication and redirect based on user's email
All routes:
- Require user authentication
- Use controllers in the glimpse module
- Return appropriate responses based on user permissions
The /glimpse/login endpoint provides a secure way to authenticate users and redirect them based on their email address:
- Authentication: Forces user to authenticate via Google OAuth (LastLogin)
- Database Lookup: Queries the Notion database specified by
GLANCE_DEMOS_DB_IDenvironment variable - Email Matching: Searches for a record where the
Emailproperty matches the authenticated user's email - Redirect: If found, redirects the user to the URL specified in the
URLproperty of their record - Access Denied: If no matching record is found, displays an access denied page
The dashboard displays both routes in a comparison table for easy testing.
The application is built with:
- Hono: Web framework for routing and middleware
- LastLogin: Authentication service
- TypeScript: Type-safe development
- Val Town: Hosting platform
The application supports webhook endpoints for external integrations (like Notion webhooks):
Set the webhook secret in your environment:
NOTION_WEBHOOK_SECRET=your-secret-key-here
POST /tasks/notion-webhook- Main webhook endpoint for Notion integrationsPOST /tasks/test- Test endpoint for webhook authenticationGET /tasks/debug-webhook- Debug endpoint to check webhook configuration
Webhook endpoints require the X-API-KEY header:
curl -X POST https://your-val.web.val.run/tasks/test \ -H "X-API-KEY: your-secret-key-here"
Use the webhook testing form in the dashboard:
- Navigate to your dashboard at
/ - Find the "Webhook Endpoint" section
- Enter your
NOTION_WEBHOOK_SECRETvalue - Click "Test Webhook" to verify authentication
Configure these environment variables for full functionality:
GLANCE_DEMOS_DB_ID- Notion database ID for demosGLANCE_CONTENT_DB_ID- Notion database ID for contentGLANCE_INTERACTIONS_DB_ID- Notion database ID for interactionsNOTION_API_KEY- Notion API key for database accessNOTION_WEBHOOK_SECRET- Secret key for webhook authentication