Axiom Model: Phase 1 Code Migration Scope

Moving Identity from aethex.dev (Vercel) to aethex.foundation (Replit)

Status: CRITICAL P0 (Blocks NEXUS & FOUNDATION work) Date: 2025-11-16 Objective: Copy all auth/identity code from Corp (aethex.dev) to Guardian (aethex.foundation)

1. PAGES TO COPY

Authentication & Onboarding Pages

Profile & Settings Pages

Passport Pages

2. CONTEXTS & STATE MANAGEMENT

3. COMPONENTS TO COPY

Auth & OAuth Components

Profile & Passport Components

Shared UI Components

4. API ENDPOINTS & SERVERLESS FUNCTIONS TO COPY

Discord OAuth Endpoints

Profile & Auth Endpoints

Passport Endpoints

5. DATABASE MIGRATIONS TO COPY

Supabase Tables Required:

• user_profiles

• user_auth_identities

• discord_links

• discord_verifications

• discord_role_mappings

6. LIBRARIES & DEPENDENCIES

Required npm packages (verify in aethex.dev package.json)

Environment Variables Needed

7. CRITICAL ADAPTATIONS FOR REPLIT TARGET

Key Refactoring Points

1. API Endpoints: Vercel's /api/* files may need conversion to Express routes in code/server/index.ts or equivalent Replit server.

2. Base URLs: Update all VITE_API_BASE references to point to aethex.foundation instead of aethex.dev.

3. OAuth Redirect URIs: Update Discord OAuth app to use aethex.foundation callback URL.

4. CORS: Ensure Foundation server allows requests from Corp domain (aethex.dev).

8. NEW SSO ENDPOINTS TO BUILD (Foundation)

After copying existing code, build 3 new OAuth 2.0 endpoints on aethex.foundation:

1. /authorize (Foundation SSO Authorization)

Purpose: Initiate login flow for external apps (aethex.dev)

Response: Redirect user to /login with state preserved

2. /token (Foundation SSO Token Exchange)

Purpose: Exchange auth code for JWT token

3. /userinfo (Foundation SSO User Info)

Purpose: Fetch current logged-in user info (used by aethex.dev after login)

9. MIGRATION CHECKLIST

Before Starting Phase 1

• Verify all auth code is in code/client/pages/ and code/api/discord/*

• List all custom hooks used in auth flow (use-toast, etc.)

• Document all Supabase queries used for auth

• Get list of all environment variables currently in use

• Create a "mirror" directory structure on aethex.foundation (Replit)

During Phase 1

• Copy all page files (Login, Signup, Onboarding, Dashboard, etc.)

• Copy all context files (AuthContext, DiscordActivityContext, ThemeContext)

• Copy all component files (OAuthConnections, PassportSummary, etc.)

• Copy all API endpoint files (discord/oauth/, profile/ensure.ts, passport/)

• Copy all Supabase migrations

• Copy tailwind.config.js and global.css for styling

• Adapt all import paths for new directory structure

• Update all VITE_API_BASE references

• Update Discord OAuth app redirect URIs

• Set up environment variables on Replit

Testing Phase 1

• Can users log in via Discord on aethex.foundation?

• Can users view their profile?

• Can users link additional OAuth providers?

• Can users access their passport?

• Are Supabase queries working correctly?

• Are Discord OAuth callbacks returning correct data?

10. SUCCESS CRITERIA FOR PHASE 1

✅ All auth pages render correctly on aethex.foundation ✅ Users can log in via Discord on aethex.foundation ✅ Users can link additional accounts (Google, etc.) ✅ Passports display correctly ✅ All OAuth callbacks complete without errors ✅ Supabase access is working (read/write to user_profiles) ✅ Code is ready for Phase 2 (permission migration)

11. ESTIMATED EFFORT

12. BLOCKERS & RISKS

Risk 1: API endpoints on Vercel may not work on Replit without refactoring → Mitigation: Convert to Express routes on Replit server

Risk 2: Environment variable names differ between Vercel and Replit → Mitigation: Use consistent naming convention

Risk 3: Supabase RLS policies may prevent new app from writing to tables → Mitigation: Phase 2 handles permission migration

Risk 4: Discord OAuth app may not accept aethex.foundation as redirect URI → Mitigation: Update Discord app settings before testing

Next Steps

1. Review & Approve Scope: Confirm this list is complete

2. Set up Replit Structure: Create mirrored directories on aethex.foundation

3. Start Code Copy: Begin with pages, then contexts, then components

4. Adapt & Test: Fix imports, test each piece as copied

5. Proceed to Phase 2: Once Phase 1 is solid, move to database permission migration