cursor-usage-tracker 1.16.0 → 1.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +38 -1
- package/package.json +2 -1
package/README.md
CHANGED
|
@@ -193,7 +193,6 @@ DASHBOARD_URL=http://localhost:3000
|
|
|
193
193
|
|
|
194
194
|
# Optional
|
|
195
195
|
CRON_SECRET=your_secret_here # protects the cron endpoint
|
|
196
|
-
DASHBOARD_PASSWORD=your_password # optional basic auth for the dashboard
|
|
197
196
|
|
|
198
197
|
# Email alerts via Resend (optional)
|
|
199
198
|
RESEND_API_KEY=re_xxxxxxxxxxxx
|
|
@@ -376,6 +375,44 @@ The import uses HiBob's `Group` and `Team` columns (falling back to `Department`
|
|
|
376
375
|
|
|
377
376
|
---
|
|
378
377
|
|
|
378
|
+
## Authentication
|
|
379
|
+
|
|
380
|
+
Authentication is **fully optional**. When no auth environment variables are set, the dashboard is open (the default behavior). Setting `AUTH_SECRET` enables Google OAuth sign-in.
|
|
381
|
+
|
|
382
|
+
### Setup
|
|
383
|
+
|
|
384
|
+
1. Create a [Google OAuth app](https://console.cloud.google.com/apis/credentials) with redirect URI:
|
|
385
|
+
- Local: `http://localhost:3000/api/auth/callback/google`
|
|
386
|
+
- Production: `https://your-domain.com/api/auth/callback/google`
|
|
387
|
+
|
|
388
|
+
2. Add to your `.env`:
|
|
389
|
+
|
|
390
|
+
```bash
|
|
391
|
+
AUTH_SECRET=$(openssl rand -base64 32) # encryption key for sessions
|
|
392
|
+
AUTH_GOOGLE_ID=your-client-id.apps.google... # Google OAuth client ID
|
|
393
|
+
AUTH_GOOGLE_SECRET=GOCSPX-... # Google OAuth client secret
|
|
394
|
+
AUTH_TRUST_HOST=true # required behind a reverse proxy
|
|
395
|
+
AUTH_URL=https://your-domain.com # public URL (auto-detected locally)
|
|
396
|
+
```
|
|
397
|
+
|
|
398
|
+
3. Optionally restrict access by domain or specific emails:
|
|
399
|
+
|
|
400
|
+
```bash
|
|
401
|
+
AUTH_ALLOWED_DOMAIN=yourcompany.com # only @yourcompany.com emails
|
|
402
|
+
AUTH_ALLOWED_EMAILS=admin@example.com,cto@example.com # or specific emails
|
|
403
|
+
```
|
|
404
|
+
|
|
405
|
+
When both are set, either match grants access. When neither is set, any Google account can sign in.
|
|
406
|
+
|
|
407
|
+
### How It Works
|
|
408
|
+
|
|
409
|
+
- Sessions use encrypted JWT cookies — no database tables needed
|
|
410
|
+
- The `/api/cron` endpoint is excluded from auth (it uses its own `CRON_SECRET`)
|
|
411
|
+
- Sign-in page appears automatically when auth is enabled
|
|
412
|
+
- User avatar and sign-out menu appear in the nav bar
|
|
413
|
+
|
|
414
|
+
---
|
|
415
|
+
|
|
379
416
|
## API Endpoints
|
|
380
417
|
|
|
381
418
|
| Endpoint | Method | Description |
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "cursor-usage-tracker",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.17.0",
|
|
4
4
|
"description": "Open-source Cursor IDE usage monitoring, anomaly detection, and alerting for enterprise teams",
|
|
5
5
|
"homepage": "https://github.com/ofershap/cursor-usage-tracker#readme",
|
|
6
6
|
"type": "module",
|
|
@@ -73,6 +73,7 @@
|
|
|
73
73
|
"@tailwindcss/postcss": "^4.1.18",
|
|
74
74
|
"better-sqlite3": "^12.6.2",
|
|
75
75
|
"next": "^16.1.6",
|
|
76
|
+
"next-auth": "^5.0.0-beta.30",
|
|
76
77
|
"react": "^19.2.4",
|
|
77
78
|
"react-dom": "^19.2.4",
|
|
78
79
|
"recharts": "^3.7.0",
|