feat(ui): add config toggles and session timeout support

msinhore · msinhore · commit 9ee566f379c7 · 2025-10-15T21:44:32.000+02:00
diff --git a/host-agent/api/handlers.py b/host-agent/api/handlers.py
@@ -29,13 +29,32 @@
 
 class APIHandlers:
 
-    def __init__(self, agent_defaults: Dict[str, Any]):
+    def __init__(self, agent_defaults: Dict[str, Any], ui_config: Optional[Dict[str, Any]] = None):
         self.agent_defaults = agent_defaults
+        self.ui_config = ui_config or {"enabled": True, "session_timeout_seconds": 1800}
         self.vm_manager = VMManager()
         self.vm_lifecycle = VMLifecycle(agent_defaults)
         self.config_manager = ConfigManager(agent_defaults)
         self.state_manager = StateManager(agent_defaults)
 
+    def v1_ui_config(self) -> Dict[str, Any]:
+        cfg = self.ui_config or {}
+        enabled = bool(cfg.get("enabled", True))
+        timeout = cfg.get("session_timeout_seconds", 1800)
+        try:
+            timeout = int(timeout)
+        except (TypeError, ValueError):
+            timeout = 1800
+        if timeout < 0:
+            timeout = 0
+        return {
+            "status": "success",
+            "config": {
+                "enabled": enabled,
+                "session_timeout_seconds": timeout,
+            },
+        }
+
     def api_create(self, req: SpecRequest) -> Dict[str, Any]:
         """Prepare storage+network, write config and start the VM."""
         # Dump the raw incoming spec as early as possible (before any parsing/try),
diff --git a/host-agent/api/routes.py b/host-agent/api/routes.py
@@ -13,9 +13,10 @@ def register_routes(
     app: FastAPI,
     agent_defaults: Dict[str, Any],
     auth_dependency: Optional[Any] = None,
+    ui_config: Optional[Dict[str, Any]] = None,
 ) -> None:
     """Register all API routes with the FastAPI application."""
-    handlers = APIHandlers(agent_defaults)
+    handlers = APIHandlers(agent_defaults, ui_config=ui_config)
     deps = [Depends(auth_dependency)] if auth_dependency else []
     protected = {"dependencies": deps} if deps else {}
 
@@ -40,6 +41,10 @@ def v1_health_alias():
     def v1_config_effective():
         return handlers.v1_config_effective()
 
+    @app.get("/v1/ui/config")
+    def v1_ui_config():
+        return handlers.v1_ui_config()
+
     # VM management endpoints
     @app.post("/v1/vms", status_code=201, **protected)
     def create_vm(req: SpecRequest):
diff --git a/host-agent/config/manager.py b/host-agent/config/manager.py
@@ -80,6 +80,30 @@ def load_agent_config(self) -> Dict[str, Any]:
             for key in ["host", "storage", "net"]:
                 if key not in cfg["defaults"] or not isinstance(cfg["defaults"][key], dict):
                     cfg["defaults"][key] = {}
+        # Normalize UI configuration
+        ui_cfg = cfg.get("ui") if isinstance(cfg.get("ui"), dict) else {}
+        enabled = ui_cfg.get("enabled")
+        if enabled is None:
+            enabled = True
+        else:
+            enabled = bool(enabled)
+        timeout_seconds = 1800
+        if "session_timeout_seconds" in ui_cfg:
+            try:
+                timeout_seconds = int(ui_cfg.get("session_timeout_seconds", 1800))
+            except (TypeError, ValueError):
+                timeout_seconds = 1800
+        elif "session_timeout_minutes" in ui_cfg:
+            try:
+                timeout_seconds = int(ui_cfg.get("session_timeout_minutes", 30)) * 60
+            except (TypeError, ValueError):
+                timeout_seconds = 1800
+        if timeout_seconds < 0:
+            timeout_seconds = 0
+        cfg["ui"] = {
+            "enabled": enabled,
+            "session_timeout_seconds": timeout_seconds,
+        }
         return cfg
 
     def write_config(self, spec: Spec, paths: Paths) -> None:
diff --git a/host-agent/debian/firecracker-agent.json b/host-agent/debian/firecracker-agent.json
@@ -32,5 +32,9 @@
   "auth": {
     "enabled": true,
     "service": "firecracker-agent"
+  },
+  "ui": {
+    "enabled": true,
+    "session_timeout_seconds": 1800
   }
 }
diff --git a/host-agent/firecracker-agent.py b/host-agent/firecracker-agent.py
@@ -29,7 +29,7 @@
 from fastapi import FastAPI, HTTPException, Request
 from fastapi.staticfiles import StaticFiles
 from fastapi.exceptions import RequestValidationError
-from starlette.responses import FileResponse, JSONResponse
+from starlette.responses import FileResponse, JSONResponse, RedirectResponse
 
 from api import register_routes
 from cli import CLICommands
@@ -57,6 +57,7 @@
 TLS_OPTIONS: Dict[str, Any] = {}
 IS_API_MODE = True
 UI_STATIC_MOUNTED = False
+UI_CONFIG: Dict[str, Any] = {"enabled": True, "session_timeout_seconds": 1800}
 # Initialize FastAPI app
 app = FastAPI(title="Firecracker Agent", version="1.0.0")
 
@@ -128,6 +129,25 @@ def _build_tls_options(security_cfg: Any) -> Dict[str, Any]:
     return options
 
 
+def _configure_ui_settings(ui_cfg: Any) -> None:
+    """Normalize UI configuration defaults."""
+    global UI_CONFIG
+    enabled = True
+    timeout_seconds = 1800
+    if isinstance(ui_cfg, dict):
+        enabled = bool(ui_cfg.get("enabled", True))
+        try:
+            timeout_seconds = int(ui_cfg.get("session_timeout_seconds", timeout_seconds))
+        except (TypeError, ValueError):
+            timeout_seconds = 1800
+        if timeout_seconds < 0:
+            timeout_seconds = 0
+    UI_CONFIG = {
+        "enabled": enabled,
+        "session_timeout_seconds": timeout_seconds,
+    }
+
+
 def _mount_ui_static_if_available() -> None:
     """Mount the compiled web UI under /ui when assets are present."""
     global UI_STATIC_MOUNTED
@@ -198,11 +218,17 @@ async def startup_event():
 
     # Apply logging configuration
     _apply_logging_from_cfg(AGENT_CFG)
+    # Configure optional features
+    _configure_ui_settings(AGENT_CFG.get("ui"))
+
     # Register API routes with loaded configuration
     if AUTH_DEPENDENCY is None:
         AUTH_DEPENDENCY = _configure_auth_dependency(AGENT_CFG.get("auth", {}))
-    register_routes(app, AGENT_DEFAULTS, AUTH_DEPENDENCY)
-    _mount_ui_static_if_available()
+    register_routes(app, AGENT_DEFAULTS, AUTH_DEPENDENCY, UI_CONFIG)
+    if UI_CONFIG.get("enabled"):
+        _mount_ui_static_if_available()
+    else:
+        logger.info("UI disabled via configuration; static assets will not be served.")
     # Initialize VM lifecycle for recovery
     vm_lifecycle = VMLifecycle(AGENT_DEFAULTS)
     vm_lifecycle.startup_vm_recovery()
@@ -230,6 +256,8 @@ async def shutdown_event():
 # Root endpoint
 @app.get("/", include_in_schema=False)
 def root():
+    if UI_CONFIG.get("enabled"):
+        return RedirectResponse(url="/ui", status_code=302)
     return root_ok()
 
 
diff --git a/host-agent/ui/src/App.vue b/host-agent/ui/src/App.vue
@@ -66,7 +66,7 @@
 </template>
 
 <script setup>
-import { computed, onMounted, ref, watch } from "vue";
+import { computed, onBeforeUnmount, onMounted, ref, watch } from "vue";
 import LoginPage from "./components/LoginPage.vue";
 import VmList from "./components/VmList.vue";
 import { api, clearAuth, loadAuthFromStorage, setBasicAuth } from "./services/apiClient";
@@ -77,6 +77,11 @@ const loginLoading = ref(false);
 const isAuthenticated = ref(false);
 const vmListRef = ref(null);
 const hostSummary = ref(null);
+const uiConfig = ref({
+  enabled: true,
+  session_timeout_seconds: 0,
+});
+let sessionExpiryHandle = null;
 
 const updateTimestamp = (value) => {
   lastUpdated.value = value;
@@ -94,6 +99,7 @@ const handleAuthRequired = (message) => {
   clearAuth();
   setAuthState(false);
   loginLoading.value = false;
+  clearSessionExpiry();
   hostSummary.value = null;
   if (typeof message === "string" && message.trim()) {
     loginError.value = message;
@@ -119,6 +125,7 @@ const handleLoginSubmit = async ({ username, password }) => {
     setBasicAuth(username, password);
     await api.get("/v1/vms");
     setAuthState(true);
+    scheduleSessionExpiry();
     await fetchHostSummary();
   } catch (error) {
     clearAuth();
@@ -134,6 +141,7 @@ const handleLoginSubmit = async ({ username, password }) => {
 };
 
 const handleLogout = () => {
+  clearSessionExpiry();
   clearAuth();
   setAuthState(false);
   loginError.value = "";
@@ -146,15 +154,6 @@ const lastUpdatedLabel = computed(() => {
   return new Date(lastUpdated.value).toLocaleString();
 });
 
-const primaryAddress = computed(() => {
-  const addresses = hostSummary.value?.ip_addresses;
-  if (!Array.isArray(addresses) || addresses.length === 0) {
-    return null;
-  }
-  const primary = addresses.find((entry) => entry.family === "IPv4" && !entry.is_loopback);
-  return primary || addresses[0];
-});
-
 const cpuLabel = computed(() => {
   const cpu = hostSummary.value?.cpu;
   if (!cpu) return "-";
@@ -193,6 +192,11 @@ const diskLabel = computed(() => {
   return `${gib.toFixed(1)} GiB`;
 });
 
+const sessionTimeoutSeconds = computed(() => {
+  const raw = Number(uiConfig.value?.session_timeout_seconds ?? 0);
+  return Number.isFinite(raw) && raw > 0 ? raw : 0;
+});
+
 const isBridgeInterface = (name) => {
   if (!name) {
     return false;
@@ -255,7 +259,48 @@ const hostInterfaces = computed(() => {
     .sort((a, b) => a.name.localeCompare(b.name));
 });
 
+const loadUiConfig = async () => {
+  try {
+    const { data } = await api.get("/v1/ui/config");
+    const payload = (data && data.config) || data || {};
+    const timeoutSeconds = Number(payload.session_timeout_seconds ?? 0);
+    uiConfig.value = {
+      enabled: payload.enabled !== false,
+      session_timeout_seconds: Number.isFinite(timeoutSeconds) && timeoutSeconds > 0 ? timeoutSeconds : 0,
+    };
+  } catch (error) {
+    console.warn("Failed to load UI configuration", error);
+  }
+};
+
+const clearSessionExpiry = () => {
+  if (sessionExpiryHandle !== null) {
+    window.clearTimeout(sessionExpiryHandle);
+    sessionExpiryHandle = null;
+  }
+};
+
+const handleSessionExpired = () => {
+  clearSessionExpiry();
+  loginError.value = "Session expired. Please sign in again.";
+  clearAuth();
+  setAuthState(false);
+};
+
+const scheduleSessionExpiry = () => {
+  clearSessionExpiry();
+  const seconds = sessionTimeoutSeconds.value;
+  if (!seconds) {
+    return;
+  }
+  sessionExpiryHandle = window.setTimeout(() => {
+    handleSessionExpired();
+  }, seconds * 1000);
+};
 onMounted(() => {
+  loadUiConfig().catch(() => {
+    /* optional */
+  });
   const restored = loadAuthFromStorage();
   setAuthState(restored);
   if (!restored) {
@@ -271,16 +316,35 @@ watch(
   () => isAuthenticated.value,
   (value) => {
     if (value) {
+      scheduleSessionExpiry();
       if (!hostSummary.value) {
         fetchHostSummary().catch(() => {
           /* non-fatal */
         });
       }
     } else {
+      clearSessionExpiry();
       hostSummary.value = null;
     }
   }
 );
+
+watch(
+  () => sessionTimeoutSeconds.value,
+  (seconds) => {
+    if (!seconds) {
+      clearSessionExpiry();
+      return;
+    }
+    if (isAuthenticated.value) {
+      scheduleSessionExpiry();
+    }
+  }
+);
+
+onBeforeUnmount(() => {
+  clearSessionExpiry();
+});
 </script>
 
 <style scoped>

Original file line number	Diff line number	Diff line change
`@@ -32,5 +32,9 @@`
`32`	`32`	`"auth": {`
`33`	`33`	`"enabled": true,`
`34`	`34`	`"service": "firecracker-agent"`
	`35`	`+ },`
	`36`	`+ "ui": {`
	`37`	`+ "enabled": true,`
	`38`	`+ "session_timeout_seconds": 1800`
`35`	`39`	`}`
`36`	`40`	`}`