Done Work Item
Operator session UI — login page, session context provider, and logout flow
Implement the user-facing authentication surfaces that connect to the auth backend from BF-215/BF-217. Create: app/login/page.tsx (login form with username+password fields, CSRF token, form validation, error display for wrong credentials, success redirect to /dashboard), components/session-context.tsx (React context provider that exposes current user, roles, and session state; wraps the entire app layout), components/logout-button.tsx (triggers POST /api/auth/logout, clears session cookie, redirects to /login). The login page must be the only unprotected entry point. Session context must be available in all layouts and components. Mobile: login form must work cleanly at 390px.
Execution Context
- ID
- wi-BF-236
- Branch
- bf/BF-236-operator-session-ui-login-logout
- Validation
- ./scripts/validate-local.ps1
- PR
- https://github.com/SingletonTheory/build-factory-bootstrap/pull/315
Lifecycle Metadata
- Lane
- Done
- Work type
- feature
- Source
- done
- Status
- done
- State
- done
- Done criteria
- 9
Queue Truth
Freshness: Fresh (snapshot age 0s)
Drift: none.
Reconciliation Guidance
- No reconciliation required; item truth signals are consistent.
Prompt Context
./work-items/prompts/wi-BF-236.prompt.md
Implement the user-facing authentication surfaces that connect to the auth backend from BF-215/BF-217. Create: app/login/page.tsx (login form with username+password fields, CSRF token, form validation, error display for wrong credentials, success redirect to /dashboard), components/session-context.tsx (React context provider that exposes current user, roles, and session state; wraps the entire app layout), components/logout-button.tsx (triggers POST /api/auth/logout, clears session cookie, redirects to /login). The login page must be the only unprotected entry point. Session context must be available in all layouts and components. Mobile: login form must work cleanly at 390px.
Available Actions
- Start executionBlocked
Queue execution handoff for this work item.
Recovery guidance
- Cause
- Done items stay closed; Start execution cannot move them backward.
- Policy context
- Lane transition policy blocks Start execution when the item is already Done.
- Next step
- Create a net-new work item if more delivery is needed instead of reopening this one.
- Safe retry
- Do not retry Start execution on a done item.
identity: start-execution
permission: factory.work-item.execute
policy gate lane-transition: blocked (Done items stay closed; Start execution cannot move them backward.)
POST /api/control-plane/items/wi-BF-236/actions/start-execution
- Request reviewBlocked
Mark this item ready for review lane handoff.
Recovery guidance
- Cause
- Done items stay closed; Request review cannot move them backward.
- Policy context
- Lane transition policy blocks Request review when the item is already Done.
- Next step
- Create a net-new work item if more delivery is needed instead of reopening this one.
- Safe retry
- Do not retry Request review on a done item.
identity: request-review
permission: factory.work-item.request-review
policy gate lane-transition: blocked (Done items stay closed; Request review cannot move them backward.)
POST /api/control-plane/items/wi-BF-236/actions/request-review
- Prepare releaseEnabled
Run release-preparation checks for the work item.
identity: prepare-release
permission: factory.work-item.prepare-release
policy gate lane-eligibility: pass
policy gate pull-request: pass
POST /api/control-plane/items/wi-BF-236/actions/prepare-release
- Record historyEnabled
Capture history snapshots for audit and validation views.
identity: record-history
permission: factory.work-item.record-history
policy gate context-visibility: pass
POST /api/control-plane/items/wi-BF-236/actions/record-history