Skip to main content

Module frontend

Module frontend 

Source
Expand description

CorTeX Frontend capabilities - reports, rendering, auth and more

Modules§

actor
The Actor request guard: the authenticated initiator of a mutating request.
admin
Admin web UI: a single signed-in /admin dashboard that consolidates the admin actions (service registry, background jobs, system health, settings, API docs, and “add a corpus”) which previously sprinkled the public homepage. Access uses the lightweight token scheme — an AdminSession cookie (frontend::actor), set on the sign-in page below.
apidoc
API documentation: a generated OpenAPI 3 spec plus a RapiDoc browser page, both built by rocket_okapi directly from the #[openapi]-annotated agent routes — the spec is generated from the single source of truth (the real Rocket route + its return type) and so can never drift from the served API. This is the symmetry contract extended to the docs (see docs/archive/api-spike/COMPARISON.md + OPEN_QUESTIONS #7; rocket_okapi was chosen over utoipa).
audit
The accounting pillar (AAA — docs/archive/AAA_DESIGN.md): a Rocket fairing that records every mutating admin request to the audit_log, so “who did what, when, to what, with what outcome” is observable. Centralizing it in one fairing (rather than a call in each write handler) means no endpoint can forget to log and new endpoints are audited automatically — drift-proof, in the spirit of the symmetry contract.
catchers
HTTP error catchers: one consistent, content-negotiated error response across the whole surface, instead of Rocket’s built-in default page.
concerns
Common concerns for frontend routes
corpora
Corpus-management capability: list/inspect/import/delete corpora as screens + API.
cors
CORS capabilities for the Rocket frontend
helpers
General purpose auxiliary routines that do not fit the MVC web service paradigm, tending to minor tasks
jobs
Jobs capability: poll long-running jobs. One shared JobDto renders as JSON for agents (GET /api/jobs/<uuid>) and the progress page (GET /jobs/<uuid>) polls that same JSON. The job mechanism itself lives in crate::jobs.
management
Management & health capability: the configuration view/edit surface, the Settings page, and a health check.
metrics
Prometheus /metrics — operational gauges for scraping (Arm 8 observability). Token-gated via the Actor guard, so it is not public; Prometheus scrapes it with ?token=<token> (the guard also accepts the X-Cortex-Token header). Deliberately limited to current-state gauges read on each scrape — connection-pool saturation, background-job backlog, active admin sessions, registered corpora/services, the dispatcher worker fleet’s size + in-flight backlog, and the pending-conversion backlog (cortex_tasks_todo, the one full-table count — bounded ~tens-to-hundreds of ms even at arXiv scale).
params
Various parameter data structures for the Rocket frontend routes
render
Report-rendering layer: the thin presentation proxy over [crate::backend::task_report] that the HTML report screens use.
reports
Reports capability: the typed, paginated agent API for the category and what reports — the agent twin of the most-used human screens (severity-report / category-report).
retention
Historical-data retention — managing the one unbounded-growth table, historical_tasks (one per-task status snapshot per save-snapshot). The admin screen surfaces the snapshot count + the oldest snapshot, lets the admin pick a cutoff date, shows a dry-run count of exactly what a prune would remove, and only then offers a confirmed delete (gated + audited — same safety pattern as delete_corpus). The run summaries (historical_runs) are never touched, so the run history and charts survive; only the bulky per-task snapshots age out.
runs
Historical-runs capability: inspect the run history of a (corpus, service) as an agent API (the JSON twin of the human history screen).
server
The library-resident Rocket composition root.
services
Services capability: the worker-fleet view for a service, as a human screen + agent API.
sessions
Active admin sessions management — the security-oversight completion of the session model (models::session, docs/archive/WEBAUTHN_DESIGN.md): see who is currently signed in (token or passkey) and revoke a compromised identity’s sessions. Uniform authz — any signed-in admin may view + revoke.
webauthn
Passkey (WebAuthn) sign-in — the relying-party instance built from config (docs/archive/WEBAUTHN_DESIGN.md). This is the foundation: the configured [webauthn_rs::prelude::Webauthn] relying party as Rocket managed state. The registration/authentication ceremonies and the sign-in UI build on this in the following increments.