πPROTECTED DISCORD ACTIVITY CODE INVENTORY
β οΈ CRITICAL CONSTRAINT: The following files, routes, and systems are LOCKED and MUST NOT be modified during the aethex.dev developer platform refactoring.
π Protected API Endpoints
Discord OAuth & Linking System
π
/api/discord/oauth/start.ts- Discord OAuth initiationπ
/api/discord/oauth/callback.ts- Discord OAuth callback handlerπ
/api/discord/link.ts- Discord account linkingπ
/api/discord/create-linking-session.ts- Linking session managementπ
/api/discord/verify-code.ts- Discord verification code handlerπ
/api/discord/token.ts- Discord token managementπ
/api/discord/activity-auth.ts- Discord Activity authentication
Why Protected: These endpoints handle the complete Discord integration flow for user authentication, account linking, and Activity-based authentication. Any changes could break Discord bot commands (/verify) and OAuth flows.
π Protected Client Routes (App.tsx)
Discord Activity Routes
π
/discordβ<DiscordActivity />component (Line 310)π
/discord/callbackβ<DiscordOAuthCallback />component (Line 311-314)π
/discord-verifyβ<DiscordVerify />component (Line 291-293)π
/profile/link-discordβ<DiscordVerify />component (Line 260-262)π
/activityβ<Activity />component (Line 308)
Why Protected: These routes are critical for Discord Activity functionality, OAuth callbacks, and account linking. The /discord route is specifically designed for Discord Activity embedded experiences.
π Protected React Components
Context Providers
π
/client/contexts/DiscordContext.tsx- Discord state managementπ
/client/contexts/DiscordActivityContext.tsx- Discord Activity detection & state
Page Components
π
/client/pages/DiscordActivity.tsx- Main Discord Activity experienceπ
/client/pages/DiscordOAuthCallback.tsx- OAuth callback handler pageπ
/client/pages/DiscordVerify.tsx- Discord account verification/linking page
Why Protected: These components implement the Discord Activity SDK integration and manage the specialized Discord-embedded experience. They include critical logic for detecting if the app is running inside Discord and adjusting the UI accordingly.
π Protected Configuration Files
Discord Manifest
π
/public/discord-manifest.json- Discord Activity configuration
Contents:
Why Protected: This manifest is required for Discord to recognize and embed the Activity. The application ID and RPC origins are critical for Activity functionality.
Environment Variables
π
VITE_DISCORD_CLIENT_ID- Discord application client IDπ
DISCORD_CLIENT_SECRET- Discord OAuth secret (server-side)π
DISCORD_REDIRECT_URI- OAuth callback URL
Reference: .env.discord.example
Why Protected: These credentials are specific to the Discord Activity application and must remain consistent.
π Protected App.tsx Integration Points
Provider Wrapper Structure (Lines 178-185)
Why Protected: The nesting order of these providers is critical. DiscordActivityProvider must wrap everything to detect Activity mode, and DiscordProvider manages Discord SDK initialization.
DiscordActivityWrapper Component (Lines 165-177)
Why Protected: This wrapper conditionally applies Activity-specific layouts when running inside Discord, ensuring proper display in the embedded environment.
π Protected Documentation Files
The following 14+ Discord-related documentation files exist and should be CONSOLIDATED (not deleted) as part of the developer platform refactoring:
Critical Setup & Configuration Docs
DISCORD-ACTIVITY-SETUP.md- Initial setup guideDISCORD-ACTIVITY-DEPLOYMENT.md- Deployment instructionsDISCORD-PORTAL-SETUP.md- Discord Developer Portal configurationDISCORD-OAUTH-SETUP-VERIFICATION.md- OAuth verification checklist
Implementation & Technical Docs
DISCORD-ACTIVITY-SPA-IMPLEMENTATION.md- SPA mode implementation detailsDISCORD-ACTIVITY-DIAGNOSTIC.md- Diagnostic tools and debuggingDISCORD-ACTIVITY-TROUBLESHOOTING.md- Common issues and solutionsDISCORD-COMPLETE-FLOWS.md- Complete user flow documentation
OAuth & Linking System Docs
DISCORD-LINKING-FIXES-APPLIED.md- Historical fixes for linking flowDISCORD-LINKING-FLOW-ANALYSIS.md- Technical analysis of linking systemDISCORD-OAUTH-NO-AUTO-CREATE.md- OAuth behavior documentationDISCORD-OAUTH-VERIFICATION.md- OAuth verification guide
Bot & Admin Docs
DISCORD-ADMIN-COMMANDS-REGISTRATION.md- Bot command registrationDISCORD-BOT-TOKEN-FIX.md- Bot token configuration fixes
β οΈ CONSOLIDATION PLAN: These 14 documents should be consolidated into 3 comprehensive guides:
discord-integration-guide.md (Getting Started)
discord-activity-reference.md (Technical Reference)
discord-deployment.md (Production Guide)
Rule: Archive originals in /docs/archive/discord/, don't delete.
β
Safe to Modify (Boundaries)
While Discord Activity code is protected, you CAN modify:
Navigation & Layout
β Add Discord routes to new developer platform navigation
β Update global navigation styling (as long as Discord pages remain accessible)
β Add breadcrumbs that include Discord routes
Documentation Reference
β Create API reference documentation that documents (but doesn't modify) Discord endpoints
β Link to Discord integration guides from new developer docs
β Create tutorials that use Discord Activity as an example
Design System
β Apply new design system components to non-Discord pages
β Update Tailwind config (Discord components will inherit global styles)
β Update theme colors (Discord Activity will adapt via CSS variables)
Authentication
β Integrate Discord OAuth with new developer dashboard (read-only, display linked status)
β Show Discord connection status in new profile settings
π« NEVER DO
β Rename Discord routes (
/discord,/discord-verify,/discord/callback)β Modify Discord API endpoint logic (
/api/discord/*)β Change Discord context provider structure
β Remove or reorder
DiscordActivityProviderorDiscordProviderβ Modify Discord manifest file
β Change Discord environment variable names
β Delete Discord documentation (archive instead)
β Refactor Discord Activity components
β Remove Discord Activity detection logic
π Protected Dependencies
The following NPM packages are critical for Discord Activity and must remain:
@discord/embedded-app-sdk(if used) - Discord Activity SDKDiscord OAuth libraries (check package.json)
Action Required: Verify exact Discord dependencies in package.json
β
Refactoring Strategy
Safe Approach:
β Build new developer platform AROUND Discord Activity
β Create new routes (
/dashboard,/docs,/api-reference) that don't conflictβ Add Discord Activity as a featured integration in new docs
β Link from developer dashboard to existing Discord pages
β Consolidate documentation into 3 guides, archive originals
Example Safe Structure:
π Pre-Refactor Verification Checklist
Before making ANY changes, verify these items work:
If any of these fail, DO NOT PROCEED with refactoring until fixed.
π― Summary
Protected Files Count:
7 API endpoints
5 client routes
3 React page components
2 context providers
1 manifest file
3 environment variables
14+ documentation files
Golden Rule:
"Refactoring can happen AROUND Discord Activity, but never TO it."
Emergency Contact: If Discord Activity breaks during refactoring, immediately:
Git revert to last working commit
Check this document for what was changed
Verify all protected files are intact
Test the pre-refactor verification checklist
Document Version: 1.0 Created: January 7, 2026 Last Updated: January 7, 2026 Status: ACTIVE PROTECTION
Last updated