Auth & Account Management#

OAuth 2.1 Loopback Flow#

Uses jacquard::oauth with LoopbackConfig to authenticate:

1. User enters handle or DID
2. Resolve authorization server via jacquard::oauth::resolver
3. Build AtprotoClientMetadata with app identity
4. OAuthClient initiates PAR + DPoP flow
5. Loopback server captures redirect on 127.0.0.1:<port>
6. Exchange code for tokens; OAuthSession manages refresh automatically

No app passwords needed — full OAuth 2.1 with DPoP proof-of-possession but app passwords should be supported in dev environments.

Multi-Account#

• SQLite table accounts: did TEXT PK, handle TEXT, pds_url TEXT, active INTEGER
• Encrypted token storage via jacquard::oauth::authstore trait with a persistent implementation backed by SQLite + OS keychain (Tauri's tauri-plugin-keychain or raw security-framework)
• Account switcher in sidebar — click to swap active session
• Each account gets its own OAuthSession instance
• Active account DID stored in app state; Tauri events notify frontend on switch

UX Polish#

• Login form: Motion spring animation on the handle input shake for invalid input
• Account switcher: Presence exit/enter animation when swapping active account avatar
• Session expiry: inline re-auth prompt with gentle pulse animation, not a modal wall
• Loading: skeleton shimmer on profile card while session restores

Session Lifecycle#

• On launch: load stored sessions, attempt token refresh for active account
• On token expiry: jacquard::oauth auto-refreshes via DPoP-bound refresh token
• On refresh failure: prompt re-auth, mark account as expired in UI
• Logout: revoke tokens, clear stored auth data

at:// Deep Link Registration#

• Register at scheme via tauri-plugin-deep-link
• On at:// link open: parse URI, route to AT Explorer view
• If app not running: launch, then navigate after session restore