Pull request overview
This PR introduces a Supabase-backed attendance system with secure, rotating QR clock-in (HMAC-signed tokens), admin-driven user creation via an Edge Function, and related Flutter app updates (Supabase auth integration, kiosk mode, theming, and UI responsiveness).
Changes:
- Adds Supabase schema/migrations for companies, profiles, attendance logs, geofencing, and signed QR token validation in clock_in.
- Adds an Edge Function (create_user) to let admins create users without leaving their session.
- Updates the Flutter app to initialize Supabase, use Supabase-backed Auth/Attendance flows, add kiosk dashboard + theme toggling, and update dependencies/tooling.
Reviewed changes
Copilot reviewed 38 out of 39 changed files in this pull request and generated 16 comments.
| File | Description |
|---|---|
| supabase/seed.sql | Seeds a mock company, QR config, and test users. |
| supabase/migrations/20260501000000_initial_schema.sql | Introduces initial tables, enums, RLS policies, and profile-creation trigger. |
| supabase/migrations/20260502000000_attendance_logic.sql | Adds distance calculation + initial attendance RPCs. |
| supabase/migrations/20260502000001_qr_totp_security.sql | Adds qr_secret and updates clock_in to enforce signed/expiring QR tokens. |
| supabase/functions/create_user/index.ts | Edge Function to create users using Service Role after admin authorization check. |
| supabase/functions/create_user/deno.json | Import map for the Edge Function. |
| supabase/functions/create_user/.npmrc | Placeholder npm configuration for Edge Functions. |
| supabase/config.toml | Enables DB seeding and configures Edge Function deployment settings. |
| supabase/.gitignore | Ignores Supabase local state/temp and dotenvx key files. |
| mise_a_jour_futur.md | Project status + production-readiness notes (FR). |
| flutter_app/pubspec.yaml | Adds supabase_flutter and crypto dependencies. |
| flutter_app/pubspec.lock | Resolves new dependency graph and updates SDK minimums. |
| flutter_app/linux/flutter/generated_plugins.cmake | Registers additional Linux plugins required by new deps. |
| flutter_app/linux/flutter/generated_plugin_registrant.cc | Registers additional Linux plugins required by new deps. |
| flutter_app/lib/main.dart | Initializes Supabase before DI/app start. |
| flutter_app/lib/app/di.dart | Registers SupabaseClient + ThemeCubit + SharedPreferences in GetIt. |
| flutter_app/lib/app/app.dart | Wires ThemeCubit into MaterialApp and disables scrollbars globally. |
| flutter_app/lib/app/router.dart | Adds kiosk route + redirects kiosk users into kiosk-only flow. |
| flutter_app/lib/app/theme/app_theme.dart | Adds a dark theme variant. |
| flutter_app/lib/core/constants/app_constants.dart | Adds Supabase URL/anon key configuration via --dart-define. |
| flutter_app/lib/core/network/api_client.dart | Points base URL at Supabase URL. |
| flutter_app/lib/core/theme/theme_cubit.dart | Adds persisted theme mode switching. |
| flutter_app/lib/features/auth/domain/entities/user_entity.dart | Adds kiosk role and role helpers. |
| flutter_app/lib/features/auth/presentation/bloc/auth_bloc.dart | Replaces mock auth with Supabase auth + Edge Function user creation. |
| flutter_app/lib/features/auth/presentation/screens/login_screen.dart | Adds helper text for test accounts. |
| flutter_app/lib/features/auth/presentation/screens/register_screen.dart | Updates navigation to use GoRouter. |
| flutter_app/lib/features/attendance/presentation/bloc/attendance_bloc.dart | Uses Supabase RPCs for clock-in/out and loads geofence config from DB. |
| flutter_app/lib/features/attendance/presentation/screens/scanner_screen.dart | Adds scroll wrapping for better small-screen handling. |
| flutter_app/lib/features/attendance/presentation/screens/reports_screen.dart | Uses FittedBox to improve stat card layout on small screens. |
| flutter_app/lib/features/dashboard/presentation/screens/admin_dashboard.dart | Uses FittedBox to prevent stat card overflow. |
| flutter_app/lib/features/dashboard/presentation/screens/kiosk_dashboard.dart | Adds full-screen kiosk QR display with rotating signed tokens. |
| flutter_app/lib/features/employees/presentation/screens/employee_directory_screen.dart | Adds “Add User” sheet wired into AuthBloc registration event. |
| flutter_app/lib/features/settings/presentation/screens/settings_screen.dart | Adds theme toggle wired to ThemeCubit. |
| flutter_app/android/settings.gradle | Updates Android Gradle Plugin + Kotlin plugin versions. |
| flutter_app/android/gradle/wrapper/gradle-wrapper.properties | Updates Gradle wrapper version. |
| flutter_app/README.md | Documents Supabase runtime configuration. |
| README.md | Removes Gemini API key setup step. |
| .vscode/settings.json | Enables Deno tooling for Supabase Edge Functions. |
| .vscode/extensions.json | Recommends Deno VS Code extension. |
Comments suppressed due to low confidence (1)
flutter_app/lib/features/auth/presentation/bloc/auth_bloc.dart:91
- On successful user creation, the bloc emits AuthStatus.unauthenticated. This will effectively log out (or at least redirect) the currently signed-in admin even though create_user is meant to be an admin-only action while staying logged in. Keep the current authenticated user in state and expose a separate 'userCreated' success flag/event for the UI instead of flipping auth state.
emit(state.copyWith(
status: AuthStatus.unauthenticated,
errorMessage: null,
));
| -- QR Configs: Anyone authenticated can read QR configs | ||
| CREATE POLICY "Authenticated users can view QR configs" ON public.qr_configs | ||
| FOR SELECT USING (auth.role() = 'authenticated'); |
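Review bot: the USING clause `auth.role() = 'authenticated'` on this SELECT policy has no company scoping, so any signed-in user of any company can read every row of public.qr_configs. A later migration in this PR adds qr_secret for signing QR tokens; if that column lives on this table, this policy lets every client account read the signing key. Scope the policy to the caller's company and keep the secret where client roles cannot select it (for example a separate table with no SELECT policy, read only inside clock_in).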
| // Android emulator cannot access host localhost directly; it must use 127.0.0.1. | ||
| // Override with --dart-define=SUPABASE_URL=... when using physical devices or cloud Supabase. | ||
| static const String supabaseUrl = String.fromEnvironment( | ||
| 'SUPABASE_URL', | ||
| defaultValue: 'http://127.0.0.1:54331', |
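Review bot: the first comment line is backwards. Inside the Android emulator 127.0.0.1 is the emulator's own loopback and the host machine is reached at 10.0.2.2, so the defaultValue 'http://127.0.0.1:54331' will not connect from an emulator unless adb reverse or the --dart-define override is used. Correct the comment, and consider failing at startup in release builds when SUPABASE_URL is unset rather than falling back to a cleartext http:// local address.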
| -- Create mock users via Supabase auth (in a real scenario this happens via the API) | ||
| -- For seeding, we'll directly insert into auth.users and let the trigger create the profiles. | ||
| -- (Note: passwords in auth.users are encrypted. We use a known hash for 'password123') | ||
|
|
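Review bot: the third comment line states that a known hash for 'password123' is inserted into auth.users, and this PR also enables DB seeding in supabase/config.toml. Say at the top of the seed file that it is for local development only, and make sure the deployment path cannot apply it to a hosted project, since these accounts would be usable by anyone who reads the repository. The comment should also say "hashed" rather than "encrypted".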
| @override | ||
| void dispose() { | ||
| _timer.cancel(); | ||
| _clockTimer.cancel(); | ||
| super.dispose(); |
| -- 3. Geofencing Validation | ||
| SELECT * INTO v_config FROM public.qr_configs WHERE company_id = v_company_id; | ||
|
|
||
| IF v_config IS NOT NULL AND v_config.office_lat IS NOT NULL AND v_config.office_lng IS NOT NULL THEN |
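Review bot: `v_config IS NOT NULL` on the IF line does not test whether the SELECT found a row. For a row or record variable PostgreSQL evaluates IS NOT NULL as true only when every field is non-null, so a single nullable column left NULL in qr_configs makes the whole condition false and the geofence block is skipped without any error. Use `IF FOUND AND v_config.office_lat IS NOT NULL AND v_config.office_lng IS NOT NULL THEN` directly after the SELECT INTO, and decide explicitly whether a missing config row or missing coordinates should reject the clock-in rather than let it through.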
| INSERT INTO auth.users ( | ||
| instance_id, id, aud, role, email, encrypted_password, email_confirmed_at, raw_app_meta_data, raw_user_meta_data, created_at, updated_at | ||
| ) VALUES |
| void _showCreateUserSheet(BuildContext context) { | ||
| final theme = Theme.of(context); | ||
| final nameController = TextEditingController(); | ||
| final emailController = TextEditingController(); | ||
| final passwordController = TextEditingController(); |
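Review bot: nameController, emailController and passwordController are created on every call of _showCreateUserSheet, and nothing in the visible lines ties their disposal to the sheet closing. Dispose all three when the sheet's future completes, or move them into a StatefulWidget that owns the sheet content, so the typed password does not stay referenced after the sheet is dismissed.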
| setState(() { | ||
| _currentQrData = '$dataToSign:$signature'; | ||
| _secondsRemaining = 15; // Could be dynamic from config | ||
| }); |
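Review bot: `_secondsRemaining = 15` hard-codes the rotation period, and the inline comment already notes it could come from config. The token assigned on the line above is only accepted if this period matches the expiry window that clock_in enforces on the server, so read the value from the same config (or one shared constant) instead of a literal. The progress indicator's `_secondsRemaining / 15` needs the same value.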
| -- Attendance: Users can update their own attendance (clock out) | ||
| CREATE POLICY "Users can clock out" ON public.attendance_logs | ||
| FOR UPDATE USING (user_id = auth.uid()); |
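Review bot: this UPDATE policy restricts which rows a user may change, not which columns. With only `USING (user_id = auth.uid())`, a user can send a direct update to their own attendance_logs rows and rewrite any field, including the clock-in data, without going through the clock-out RPC. Either drop the policy and perform clock-out only inside a SECURITY DEFINER function, or limit the writable columns with column-level GRANTs or a BEFORE UPDATE trigger that rejects changes to anything other than the clock-out fields.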
| child: CircularProgressIndicator( | ||
| value: _secondsRemaining / 15, | ||
| strokeWidth: 3, | ||
| backgroundColor: theme.colorScheme.outlineVariant, | ||
| valueColor: const AlwaysStoppedAnimation<Color>(AppTheme.secondary), |
|
@copilot write out all the conflicts to be handled, in raw form, and I will resolve them locally on my PC
I checked the state of the repo and I don't see any merge conflicts in this branch for now. Raw result:
If you want, I can redo the check after a merge/rebase with main. Reference commit: c1749f6.
No description provided.