connections page overhaul

# Conflicts:
#	src/lib/opnsense/wg.ts

.env.example

@@ -1,4 +1,4 @@
-DATABASE_URL=file:local.db
+DATABASE_URL=local.db
 AUTH_DOMAIN=auth.lab.cazzzer.com
 AUTH_CLIENT_ID=
 AUTH_CLIENT_SECRET=
@@ -8,11 +8,3 @@ OPNSENSE_API_URL=https://opnsense.home
 OPNSENSE_API_KEY=
 OPNSENSE_API_SECRET=
 OPNSENSE_WG_IFNAME=wg2
-
-IPV4_STARTING_ADDR=10.18.11.100
-IPV6_STARTING_ADDR=fd00:10:18:11::100:0
-IPV6_CLIENT_PREFIX_SIZE=112
-IP_MAX_INDEX=100
-VPN_ENDPOINT=vpn.lab.cazzzer.com:51820
-VPN_DNS=10.18.11.1,fd00:10:18:11::1
-MAX_CLIENTS_PER_USER=20

.idea/codeStyles/Project.xml

@@ -9,7 +9,7 @@
       <option name="SPACE_BEFORE_FUNCTION_LEFT_PARENTH" value="false" />
       <option name="USE_DOUBLE_QUOTES" value="false" />
       <option name="FORCE_QUOTE_STYlE" value="true" />
-      <option name="ENFORCE_TRAILING_COMMA" value="WhenMultiline" />
+      <option name="ENFORCE_TRAILING_COMMA" value="Remove" />
       <option name="SPACES_WITHIN_OBJECT_LITERAL_BRACES" value="true" />
       <option name="SPACES_WITHIN_IMPORTS" value="true" />
     </JSCodeStyleSettings>
@@ -120,7 +120,7 @@
       <option name="SPACE_BEFORE_FUNCTION_LEFT_PARENTH" value="false" />
       <option name="USE_DOUBLE_QUOTES" value="false" />
       <option name="FORCE_QUOTE_STYlE" value="true" />
-      <option name="ENFORCE_TRAILING_COMMA" value="WhenMultiline" />
+      <option name="ENFORCE_TRAILING_COMMA" value="Remove" />
       <option name="SPACES_WITHIN_OBJECT_LITERAL_BRACES" value="true" />
       <option name="SPACES_WITHIN_IMPORTS" value="true" />
     </TypeScriptCodeStyleSettings>

.idea/dataSources.xml

@@ -1,20 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="DataSourceManagerImpl" format="xml" multifile-model="true">
-    <data-source source="LOCAL" name="local" uuid="f362368b-ba47-4270-9f81-b0d8484b9928">
-      <driver-ref>sqlite.xerial</driver-ref>
-      <synchronize>true</synchronize>
-      <jdbc-driver>org.sqlite.JDBC</jdbc-driver>
-      <jdbc-url>jdbc:sqlite:$PROJECT_DIR$/local.db</jdbc-url>
-      <working-dir>$ProjectFileDir$</working-dir>
-      <libraries>
-        <library>
-          <url>file://$APPLICATION_CONFIG_DIR$/jdbc-drivers/Xerial SQLiteJDBC/3.45.1/org/xerial/sqlite-jdbc/3.45.1.0/sqlite-jdbc-3.45.1.0.jar</url>
-        </library>
-        <library>
-          <url>file://$APPLICATION_CONFIG_DIR$/jdbc-drivers/Xerial SQLiteJDBC/3.45.1/org/slf4j/slf4j-api/1.7.36/slf4j-api-1.7.36.jar</url>
-        </library>
-      </libraries>
-    </data-source>
-  </component>
-</project>

.prettierrc

@@ -1,6 +1,7 @@
 {
 	"useTabs": true,
 	"singleQuote": true,
+	"trailingComma": "none",
 	"printWidth": 100,
 	"plugins": ["prettier-plugin-svelte", "prettier-plugin-tailwindcss"],
 	"overrides": [

bruno/opnsense-api/Add Client Builder.bru

@@ -22,6 +22,7 @@ body:json {
       "pubkey": "{{clientPubkey}}",
       "psk": "{{psk}}",
       "tunneladdress": "{{clientTunnelAddress}}",
+      "keepalive": "",
       "server": "{{serverUuid}}",
       "endpoint": "{{vpn_endpoint}}"
     }
@@ -29,7 +30,7 @@ body:json {
 }
 
 vars:pre-request {
-  clientName: vpgen-CaZzzer
+  clientName: vpgen-test
   clientPubkey: BJ5faPVJsDP4CCxNYilmKnwlQXOtXEOJjqIwb4U/CgM=
   psk: 0LWopbrISXBNHUxr+WOhCSAg+0hD8j3TLmpyzHkBHCQ=
   clientTunnelAddress: 10.18.11.101/32,fd00::1/128

drizzle/0000_young_wong.sql

@@ -1,32 +0,0 @@
-CREATE TABLE `ip_allocations` (
-	`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
-	`client_id` integer,
-	FOREIGN KEY (`client_id`) REFERENCES `wg_clients`(`id`) ON UPDATE no action ON DELETE set null
-);
---> statement-breakpoint
-CREATE UNIQUE INDEX `ip_allocations_client_id_unique` ON `ip_allocations` (`client_id`);--> statement-breakpoint
-CREATE TABLE `sessions` (
-	`id` text PRIMARY KEY NOT NULL,
-	`user_id` text NOT NULL,
-	`expires_at` integer NOT NULL,
-	FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON UPDATE no action ON DELETE no action
-);
---> statement-breakpoint
-CREATE TABLE `users` (
-	`id` text PRIMARY KEY NOT NULL,
-	`username` text NOT NULL,
-	`name` text NOT NULL
-);
---> statement-breakpoint
-CREATE TABLE `wg_clients` (
-	`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
-	`user_id` text NOT NULL,
-	`name` text NOT NULL,
-	`opnsense_id` text,
-	`public_key` text NOT NULL,
-	`private_key` text,
-	`pre_shared_key` text,
-	FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON UPDATE no action ON DELETE no action
-);
---> statement-breakpoint
-CREATE UNIQUE INDEX `wg_clients_public_key_unique` ON `wg_clients` (`public_key`);

drizzle/meta/0000_snapshot.json

@@ -1,221 +0,0 @@
-{
-  "version": "6",
-  "dialect": "sqlite",
-  "id": "29e6fd88-fa47-4f79-ad83-c52538bc36a6",
-  "prevId": "00000000-0000-0000-0000-000000000000",
-  "tables": {
-    "ip_allocations": {
-      "name": "ip_allocations",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "integer",
-          "primaryKey": true,
-          "notNull": true,
-          "autoincrement": true
-        },
-        "client_id": {
-          "name": "client_id",
-          "type": "integer",
-          "primaryKey": false,
-          "notNull": false,
-          "autoincrement": false
-        }
-      },
-      "indexes": {
-        "ip_allocations_client_id_unique": {
-          "name": "ip_allocations_client_id_unique",
-          "columns": [
-            "client_id"
-          ],
-          "isUnique": true
-        }
-      },
-      "foreignKeys": {
-        "ip_allocations_client_id_wg_clients_id_fk": {
-          "name": "ip_allocations_client_id_wg_clients_id_fk",
-          "tableFrom": "ip_allocations",
-          "tableTo": "wg_clients",
-          "columnsFrom": [
-            "client_id"
-          ],
-          "columnsTo": [
-            "id"
-          ],
-          "onDelete": "set null",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "checkConstraints": {}
-    },
-    "sessions": {
-      "name": "sessions",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "text",
-          "primaryKey": true,
-          "notNull": true,
-          "autoincrement": false
-        },
-        "user_id": {
-          "name": "user_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "autoincrement": false
-        },
-        "expires_at": {
-          "name": "expires_at",
-          "type": "integer",
-          "primaryKey": false,
-          "notNull": true,
-          "autoincrement": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "sessions_user_id_users_id_fk": {
-          "name": "sessions_user_id_users_id_fk",
-          "tableFrom": "sessions",
-          "tableTo": "users",
-          "columnsFrom": [
-            "user_id"
-          ],
-          "columnsTo": [
-            "id"
-          ],
-          "onDelete": "no action",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "checkConstraints": {}
-    },
-    "users": {
-      "name": "users",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "text",
-          "primaryKey": true,
-          "notNull": true,
-          "autoincrement": false
-        },
-        "username": {
-          "name": "username",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "autoincrement": false
-        },
-        "name": {
-          "name": "name",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "autoincrement": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {},
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "checkConstraints": {}
-    },
-    "wg_clients": {
-      "name": "wg_clients",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "integer",
-          "primaryKey": true,
-          "notNull": true,
-          "autoincrement": true
-        },
-        "user_id": {
-          "name": "user_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "autoincrement": false
-        },
-        "name": {
-          "name": "name",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "autoincrement": false
-        },
-        "opnsense_id": {
-          "name": "opnsense_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false,
-          "autoincrement": false
-        },
-        "public_key": {
-          "name": "public_key",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "autoincrement": false
-        },
-        "private_key": {
-          "name": "private_key",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false,
-          "autoincrement": false
-        },
-        "pre_shared_key": {
-          "name": "pre_shared_key",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false,
-          "autoincrement": false
-        }
-      },
-      "indexes": {
-        "wg_clients_public_key_unique": {
-          "name": "wg_clients_public_key_unique",
-          "columns": [
-            "public_key"
-          ],
-          "isUnique": true
-        }
-      },
-      "foreignKeys": {
-        "wg_clients_user_id_users_id_fk": {
-          "name": "wg_clients_user_id_users_id_fk",
-          "tableFrom": "wg_clients",
-          "tableTo": "users",
-          "columnsFrom": [
-            "user_id"
-          ],
-          "columnsTo": [
-            "id"
-          ],
-          "onDelete": "no action",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "checkConstraints": {}
-    }
-  },
-  "views": {},
-  "enums": {},
-  "_meta": {
-    "schemas": {},
-    "tables": {},
-    "columns": {}
-  },
-  "internal": {
-    "indexes": {}
-  }
-}

drizzle/meta/_journal.json

@@ -1,13 +0,0 @@
-{
-  "version": "7",
-  "dialect": "sqlite",
-  "entries": [
-    {
-      "idx": 0,
-      "version": "6",
-      "when": 1735028333867,
-      "tag": "0000_young_wong",
-      "breakpoints": true
-    }
-  ]
-}

package.json

@@ -11,10 +11,8 @@
 		"format": "prettier --write .",
 		"lint": "prettier --check . && eslint .",
 		"db:push": "drizzle-kit push",
-		"db:generate": "drizzle-kit generate",
 		"db:migrate": "drizzle-kit migrate",
-		"db:studio": "drizzle-kit studio",
+		"db:studio": "drizzle-kit studio"
-		"db:seed": "bun run ./src/lib/server/db/seed.ts"
 	},
 	"devDependencies": {
 		"@sveltejs/adapter-auto": "^3.0.0",
@@ -25,11 +23,10 @@
 		"@tailwindcss/typography": "^0.5.15",
 		"@types/better-sqlite3": "^7.6.11",
 		"@types/eslint": "^9.6.0",
-		"@types/qrcode-svg": "^1.1.5",
 		"autoprefixer": "^10.4.20",
 		"bits-ui": "^0.21.16",
 		"clsx": "^2.1.1",
-		"drizzle-kit": "^0.30.1",
+		"drizzle-kit": "^0.22.0",
 		"eslint": "^9.7.0",
 		"eslint-config-prettier": "^9.1.0",
 		"eslint-plugin-svelte": "^2.36.0",
@@ -47,13 +44,11 @@
 		"vite": "^5.0.3"
 	},
 	"dependencies": {
-		"@libsql/client": "^0.14.0",
 		"@oslojs/crypto": "^1.0.1",
 		"@oslojs/encoding": "^1.1.0",
 		"arctic": "^2.2.1",
-		"drizzle-orm": "^0.38.2",
+		"better-sqlite3": "^11.1.2",
-		"ip-address": "^10.0.1",
+		"drizzle-orm": "^0.33.0",
-		"lucide-svelte": "^0.454.0",
+		"lucide-svelte": "^0.454.0"
-		"qrcode-svg": "^1.1.0"
 	}
 }

src/app.css

@@ -4,16 +4,16 @@
 
 @layer base {
   :root {
-    --background: 0 0% 90%;
+    --background: 0 0% 100%;
     --foreground: 222.2 84% 4.9%;
 
     --muted: 210 40% 96.1%;
     --muted-foreground: 215.4 16.3% 46.9%;
 
-    --popover: 0 0% 90%;
+    --popover: 0 0% 100%;
     --popover-foreground: 222.2 84% 4.9%;
 
-    --card: 0 0% 90%;
+    --card: 0 0% 100%;
     --card-foreground: 222.2 84% 4.9%;
 
     --border: 214.3 31.8% 91.4%;
@@ -22,10 +22,10 @@
     --primary: 222.2 47.4% 11.2%;
     --primary-foreground: 210 40% 98%;
 
-    --secondary: 210 26% 86%;
+    --secondary: 210 40% 96.1%;
     --secondary-foreground: 222.2 47.4% 11.2%;
 
-    --accent: 210 26% 86%;
+    --accent: 210 40% 96.1%;
     --accent-foreground: 222.2 47.4% 11.2%;
 
     --destructive: 0 72.2% 50.6%;
@@ -39,31 +39,31 @@
   @media (prefers-color-scheme: dark) {
     :root {
       --background: 222.2 84% 4.9%;
-      --foreground: 210 40% 90%;
+      --foreground: 210 40% 98%;
 
       --muted: 217.2 32.6% 17.5%;
       --muted-foreground: 215 20.2% 65.1%;
 
       --popover: 222.2 84% 4.9%;
-      --popover-foreground: 210 40% 90%;
+      --popover-foreground: 210 40% 98%;
 
       --card: 222.2 84% 4.9%;
-      --card-foreground: 210 40% 90%;
+      --card-foreground: 210 40% 98%;
 
       --border: 217.2 32.6% 17.5%;
       --input: 217.2 32.6% 17.5%;
 
-      --primary: 210 40% 90%;
+      --primary: 210 40% 98%;
       --primary-foreground: 222.2 47.4% 11.2%;
 
       --secondary: 217.2 32.6% 17.5%;
-      --secondary-foreground: 210 40% 90%;
+      --secondary-foreground: 210 40% 98%;
 
       --accent: 217.2 32.6% 17.5%;
-      --accent-foreground: 210 40% 90%;
+      --accent-foreground: 210 40% 98%;
 
       --destructive: 0 62.8% 30.6%;
-      --destructive-foreground: 210 40% 90%;
+      --destructive-foreground: 210 40% 98%;
 
       --ring: 212.7 26.8% 83.9%;
     }

src/hooks.server.ts

@@ -31,16 +31,13 @@ const handleAuth: Handle = async ({ event, resolve }) => {
 };
 
 
-const authRequired = [
+const authRequired = new Set([
-	/^\/api/,
+	'/user',
-	/^\/user/,
+	'/connections',
-	/^\/connections/,
+	'/api/connections',
-	/^\/clients/,
+]);
-];
 const handleProtectedPaths: Handle = ({ event, resolve }) => {
-	const isProtected = authRequired.some((re) => re.test(event.url.pathname));
+	if (authRequired.has(event.url.pathname) && !event.locals.user) {
-
-	if (!event.locals.user && isProtected) {
 		return redirect(302, '/');
 	}
 	return resolve(event);

src/lib/clients.ts

@@ -1,33 +0,0 @@
-import type { ClientDetails } from '$lib/types/clients';
-
-/**
- * Convert client details to WireGuard configuration.
- *
- * ```conf
- * [Interface]
- * PrivateKey = wPa07zR0H4wYoc1ljfeiqlSbR8Z28pPc6jplwE7zPms=
- * Address = 10.18.11.100/32,fd00::1/128
- * DNS = 10.18.11.1,fd00::0
- *
- * [Peer]
- * PublicKey = BJ5faPVJsDP4CCxNYilmKnwlQXOtXEOJjqIwb4U/CgM=
- * PresharedKey = uhZUVqXKF0oayP0BS6yPu6Gepgh68Nz9prtbE5Cuok0=
- * Endpoint = vpn.lab.cazzzer.com:51820
- * AllowedIPs = 0.0.0.0/0,::/0
- * ```
- * @param client
- */
-export function clientDetailsToConfig(client: ClientDetails): string {
-	return `\
-[Interface]
-PrivateKey = ${client.privateKey}
-Address = ${client.ips.join(', ')}
-DNS = ${client.vpnDns}
-
-[Peer]
-PublicKey = ${client.vpnPublicKey}
-PresharedKey = ${client.preSharedKey}
-Endpoint = ${client.vpnEndpoint}
-AllowedIPs = 0.0.0.0/0,::/0
-`;
-}

src/lib/opnsense/wg.ts

@@ -59,49 +59,3 @@ export interface OpnsenseWgPeers {
  * };
  * ```
  */
-
-export interface OpnsenseWgServers {
-	status: "ok" | string | number;
-	rows: {
-		name: string;
-		uuid: string;
-	}[];
-}
-
-/**
- * Sample response for OPNsense WireGuard clients
- * ```json
- * {
- *   "rows": [
- *     {
- *       "uuid": "d99334de-7671-4ca7-9c9b-5f5578acae70",
- *       "enabled": "1",
- *       "name": "Yura-TPX13",
- *       "pubkey": "iJa5JmJbMHNlbEluNwoB2Q8LyrPAfb7S/mluanMcI08=",
- *       "tunneladdress": "fd00::1/112,10.6.0.3/32",
- *       "serveraddress": "",
- *       "serverport": "",
- *       "servers": "wg0"
- *     }
- *   ],
- *   "rowCount": 1,
- *   "total": 10,
- *   "current": 1
- * }
- * ```
- */
-export interface OpnsenseWgClients {
-	rowCount: number;
-	total: number;
-	current: number;
-	rows: {
-		uuid: string;
-		enabled: string;
-		name: string;
-		pubkey: string;
-		tunneladdress: string;
-		serveraddress: string;
-		serverport: string;
-		servers: string;
-	}[];
-}

src/lib/server/auth.ts

@@ -23,7 +23,7 @@ export async function createSession(userId: string): Promise<table.Session> {
 		userId,
 		expiresAt: new Date(Date.now() + DAY_IN_MS * 30)
 	};
-	await db.insert(table.sessions).values(session);
+	await db.insert(table.session).values(session);
 	return session;
 }
 
@@ -38,7 +38,7 @@ export function setSessionTokenCookie(event: RequestEvent, sessionId: string, ex
 }
 
 export async function invalidateSession(sessionId: string): Promise<void> {
-	await db.delete(table.sessions).where(eq(table.sessions.id, sessionId));
+	await db.delete(table.session).where(eq(table.session.id, sessionId));
 }
 
 export function deleteSessionTokenCookie(event: RequestEvent) {
@@ -49,12 +49,12 @@ export async function validateSession(sessionId: string) {
 	const [result] = await db
 		.select({
 			// Adjust user table here to tweak returned data
-			user: { id: table.users.id, username: table.users.username, name: table.users.name },
+			user: { id: table.user.id, username: table.user.username, name: table.user.name },
-			session: table.sessions
+			session: table.session
 		})
-		.from(table.sessions)
+		.from(table.session)
-		.innerJoin(table.users, eq(table.sessions.userId, table.users.id))
+		.innerJoin(table.user, eq(table.session.userId, table.user.id))
-		.where(eq(table.sessions.id, sessionId));
+		.where(eq(table.session.id, sessionId));
 
 	if (!result) {
 		return { session: null, user: null };
@@ -63,7 +63,7 @@ export async function validateSession(sessionId: string) {
 
 	const sessionExpired = Date.now() >= session.expiresAt.getTime();
 	if (sessionExpired) {
-		await db.delete(table.sessions).where(eq(table.sessions.id, session.id));
+		await db.delete(table.session).where(eq(table.session.id, session.id));
 		return { session: null, user: null };
 	}
 
@@ -71,9 +71,9 @@ export async function validateSession(sessionId: string) {
 	if (renewSession) {
 		session.expiresAt = new Date(Date.now() + DAY_IN_MS * 30);
 		await db
-			.update(table.sessions)
+			.update(table.session)
 			.set({ expiresAt: session.expiresAt })
-			.where(eq(table.sessions.id, session.id));
+			.where(eq(table.session.id, session.id));
 	}
 
 	return { session, user };

src/lib/server/clients.ts

@@ -1,227 +0,0 @@
-import type { User } from '$lib/server/db/schema';
-import { db } from '$lib/server/db';
-import { wgClients, ipAllocations } from '$lib/server/db/schema';
-import { opnsenseAuth, opnsenseUrl, serverPublicKey, serverUuid } from '$lib/server/opnsense';
-import { Address4, Address6 } from 'ip-address';
-import {
-	IP_MAX_INDEX,
-	IPV4_STARTING_ADDR,
-	IPV6_CLIENT_PREFIX_SIZE,
-	IPV6_STARTING_ADDR,
-	MAX_CLIENTS_PER_USER,
-	VPN_DNS,
-	VPN_ENDPOINT,
-} from '$env/static/private';
-import { and, count, eq, isNull } from 'drizzle-orm';
-import { err, ok, type Result } from '$lib/types';
-import type { ClientDetails } from '$lib/types/clients';
-
-export async function findClients(userId: string) {
-	return db.query.wgClients.findMany({
-		columns: {
-			id: true,
-			name: true,
-			publicKey: true,
-			privateKey: true,
-			preSharedKey: true,
-		},
-		with: {
-			ipAllocation: true,
-		},
-		where: eq(wgClients.userId, userId),
-	});
-}
-
-export async function findClient(userId: string, clientId: number) {
-	return db.query.wgClients.findFirst({
-		columns: {
-			id: true,
-			name: true,
-			publicKey: true,
-			privateKey: true,
-			preSharedKey: true,
-		},
-		with: {
-			ipAllocation: true,
-		},
-		where: and(eq(wgClients.userId, userId), eq(wgClients.id, clientId)),
-	});
-}
-
-export function mapClientToDetails(
-	client: Awaited<ReturnType<typeof findClients>>[0],
-): ClientDetails {
-	const ips = getIpsFromIndex(client.ipAllocation.id);
-	return {
-		id: client.id,
-		name: client.name,
-		publicKey: client.publicKey,
-		privateKey: client.privateKey,
-		preSharedKey: client.preSharedKey,
-		ips,
-		vpnPublicKey: serverPublicKey,
-		vpnEndpoint: VPN_ENDPOINT,
-		vpnDns: VPN_DNS,
-	};
-}
-
-export async function createClient(params: {
-	name: string;
-	user: User;
-}): Promise<Result<null, [400 | 500, string]>> {
-	// check if user exceeds the limit of clients
-	const [{ clientCount }] = await db
-		.select({ clientCount: count() })
-		.from(wgClients)
-		.where(eq(wgClients.userId, params.user.id));
-	if (clientCount >= parseInt(MAX_CLIENTS_PER_USER))
-		return err([400, 'Maximum number of clients reached'] as [400, string]);
-
-	// this is going to be quite long
-	// 1. fetch params for new client from opnsense api
-	// 2.1 get an allocation for the client
-	// 2.2. insert new client into db
-	// 2.3. update the allocation with the client id
-	// 3. create the client in opnsense
-	// 4. reconfigure opnsense to enable the new client
-	const error = await db.transaction(async (tx) => {
-		const [keys, availableAllocation, lastAllocation] = await Promise.all([
-			// fetch params for new client from opnsense api
-			getKeys(),
-			// find first unallocated IP
-			await tx.query.ipAllocations.findFirst({
-				columns: {
-					id: true,
-				},
-				where: isNull(ipAllocations.clientId),
-			}),
-			// find last allocation to check if we have any IPs left
-			await tx.query.ipAllocations.findFirst({
-				columns: {
-					id: true,
-				},
-				orderBy: (ipAllocations, { desc }) => desc(ipAllocations.id),
-			}),
-		]);
-
-		// check for existing allocation or if we have any IPs left
-		if (!availableAllocation && lastAllocation && lastAllocation.id >= parseInt(IP_MAX_INDEX)) {
-			return err([500, 'No more IP addresses available'] as [500, string]);
-		}
-
-		// use existing allocation or create a new one
-		const ipAllocationId =
-			availableAllocation?.id ??
-			(await tx.insert(ipAllocations).values({}).returning({ id: ipAllocations.id }))[0].id;
-
-		// transaction savepoint after creating a new IP allocation
-		// TODO: not sure if this is needed
-		return await tx.transaction(async (tx2) => {
-			// create new client in db
-			const [newClient] = await tx2
-				.insert(wgClients)
-				.values({
-					userId: params.user.id,
-					name: params.name,
-					publicKey: keys.pubkey,
-					privateKey: keys.privkey,
-					preSharedKey: keys.psk,
-				})
-				.returning({ id: wgClients.id });
-
-			// update IP allocation with client ID
-			await tx2
-				.update(ipAllocations)
-				.set({ clientId: newClient.id })
-				.where(eq(ipAllocations.id, ipAllocationId));
-
-			// create client in opnsense
-			const opnsenseRes = await opnsenseCreateClient({
-				username: params.user.username,
-				pubkey: keys.pubkey,
-				psk: keys.psk,
-				allowedIps: getIpsFromIndex(ipAllocationId).join(','),
-			});
-			const opnsenseResJson = await opnsenseRes.json();
-			if (opnsenseResJson['result'] !== 'saved') {
-				tx2.rollback();
-				console.error(`Error creating client in OPNsense: \n${opnsenseResJson}`);
-				return err([500, 'Error creating client in OPNsense'] as [500, string]);
-			}
-
-			// reconfigure opnsense
-			await opnsenseReconfigure();
-		});
-	});
-	if (error) return error;
-	return ok(null);
-}
-
-async function getKeys() {
-	// fetch key pair from opnsense
-	const options: RequestInit = {
-		method: 'GET',
-		headers: {
-			Authorization: opnsenseAuth,
-			Accept: 'application/json',
-		},
-	};
-	const resKeyPair = await fetch(`${opnsenseUrl}/api/wireguard/server/key_pair`, options);
-	const resPsk = await fetch(`${opnsenseUrl}/api/wireguard/client/psk`, options);
-	const keyPair = await resKeyPair.json();
-	const psk = await resPsk.json();
-	return {
-		pubkey: keyPair['pubkey'] as string,
-		privkey: keyPair['privkey'] as string,
-		psk: psk['psk'] as string,
-	};
-}
-
-export function getIpsFromIndex(ipIndex: number) {
-	ipIndex -= 1; // 1-indexed in the db
-	const v4StartingAddr = new Address4(IPV4_STARTING_ADDR);
-	const v6StartingAddr = new Address6(IPV6_STARTING_ADDR);
-	const v4Allowed = Address4.fromBigInt(v4StartingAddr.bigInt() + BigInt(ipIndex));
-	const v6Offset = BigInt(ipIndex) << (128n - BigInt(IPV6_CLIENT_PREFIX_SIZE));
-	const v6Allowed = Address6.fromBigInt(v6StartingAddr.bigInt() + v6Offset);
-	const v6AllowedShort = v6Allowed.parsedAddress.join(':');
-
-	return [v4Allowed.address + '/32', v6AllowedShort + '/' + IPV6_CLIENT_PREFIX_SIZE];
-}
-
-async function opnsenseCreateClient(params: {
-	username: string;
-	pubkey: string;
-	psk: string;
-	allowedIps: string;
-}) {
-	return fetch(`${opnsenseUrl}/api/wireguard/client/addClientBuilder`, {
-		method: 'POST',
-		headers: {
-			Authorization: opnsenseAuth,
-			Accept: 'application/json',
-			'Content-Type': 'application/json',
-		},
-		body: JSON.stringify({
-			configbuilder: {
-				enabled: '1',
-				name: `vpgen-${params.username}`,
-				pubkey: params.pubkey,
-				psk: params.psk,
-				tunneladdress: params.allowedIps,
-				server: serverUuid,
-				endpoint: VPN_ENDPOINT,
-			},
-		}),
-	});
-}
-
-async function opnsenseReconfigure() {
-	return fetch(`${opnsenseUrl}/api/wireguard/service/reconfigure`, {
-		method: 'POST',
-		headers: {
-			Authorization: opnsenseAuth,
-			Accept: 'application/json',
-		},
-	});
-}

src/lib/server/db/index.ts

@@ -1,5 +1,8 @@
-import { drizzle } from 'drizzle-orm/libsql';
+import { drizzle } from 'drizzle-orm/better-sqlite3';
-import * as schema from './schema';
+import Database from 'better-sqlite3';
-import { DATABASE_URL } from '$env/static/private';
+import { env } from '$env/dynamic/private';
+import assert from 'node:assert';
 
-export const db= drizzle(DATABASE_URL, { schema });
+assert(env.DATABASE_URL, 'DATABASE_URL is not set');
+const client = new Database(env.DATABASE_URL);
+export const db = drizzle(client);

src/lib/server/db/schema.ts

@@ -1,66 +1,19 @@
 import { sqliteTable, text, integer } from 'drizzle-orm/sqlite-core';
-import { relations } from 'drizzle-orm';
 
-export const users = sqliteTable('users', {
+export const user = sqliteTable('user', {
 	id: text('id').primaryKey(),
 	username: text('username').notNull(),
 	name: text('name').notNull(),
 });
 
-export const usersRelations = relations(users, ({ many }) => ({
+export const session = sqliteTable('session', {
-	wgClients: many(wgClients),
-}));
-
-export const sessions = sqliteTable('sessions', {
 	id: text('id').primaryKey(),
 	userId: text('user_id')
 		.notNull()
-		.references(() => users.id),
+		.references(() => user.id),
-	expiresAt: integer('expires_at', { mode: 'timestamp' }).notNull(),
+	expiresAt: integer('expires_at', { mode: 'timestamp' }).notNull()
 });
 
-export const ipAllocations = sqliteTable('ip_allocations', {
+export type Session = typeof session.$inferSelect;
-	// for now, id will be the same as the ipIndex
-	id: integer('id').primaryKey({ autoIncrement: true }),
-	// clientId is nullable because allocations can remain after the client is deleted
-	// unique for now, only allowing one allocation per client
-	clientId: integer('client_id')
-		.unique()
-		.references(() => wgClients.id, { onDelete: 'set null' }),
-});
 
-export const wgClients = sqliteTable('wg_clients', {
+export type User = typeof user.$inferSelect;
-	id: integer().primaryKey({ autoIncrement: true }),
-	userId: text('user_id')
-		.notNull()
-		.references(() => users.id),
-	name: text('name').notNull(),
-	// questioning whether this should be nullable
-	opnsenseId: text('opnsense_id'),
-	publicKey: text('public_key').notNull().unique(),
-	// nullable for the possibility of a client supplying their own private key
-	privateKey: text('private_key'),
-	// nullable for the possibility of no psk
-	preSharedKey: text('pre_shared_key'),
-	// discarded ideas:
-	// (mostly because they make finding the next available ipIndex difficult)
-	// ipIndex: integer('ip_index').notNull().unique(),
-	// allowedIps: text('allowed_ips').notNull(),
-});
-
-export const wgClientsRelations = relations(wgClients, ({ one }) => ({
-	user: one(users, {
-		fields: [wgClients.userId],
-		references: [users.id],
-	}),
-	ipAllocation: one(ipAllocations, {
-		fields: [wgClients.id],
-		references: [ipAllocations.clientId],
-	}),
-}));
-
-export type WgClient = typeof wgClients.$inferSelect;
-
-export type Session = typeof sessions.$inferSelect;
-
-export type User = typeof users.$inferSelect;

src/lib/server/db/seed.ts

@@ -1,33 +0,0 @@
-import { ipAllocations, users, wgClients } from './schema';
-import { eq } from 'drizzle-orm';
-import assert from 'node:assert';
-import { drizzle } from 'drizzle-orm/libsql';
-import * as schema from '$lib/server/db/schema';
-
-assert(process.env.DATABASE_URL, 'DATABASE_URL is not set');
-const db = drizzle(process.env.DATABASE_URL, { schema });
-
-async function seed() {
-	const user = await db.query.users.findFirst({ where: eq(users.username, 'CaZzzer') });
-	assert(user, 'User not found');
-
-	const clients: typeof wgClients.$inferInsert[] = [
-		{
-			userId: user.id,
-			name: 'Client1',
-			publicKey: 'BJ5faPVJsDP4CCxNYilmKnwlQXOtXEOJjqIwb4U/CgM=',
-			privateKey: 'KKqsHDu30WCSrVsyzMkOKbE3saQ+wlx0sBwGs61UGXk=',
-			preSharedKey: '0LWopbrISXBNHUxr+WOhCSAg+0hD8j3TLmpyzHkBHCQ=',
-			// ipIndex: 1,
-			// allowedIps: '10.18.11.101/32,fd00::1/112',
-		},
-	];
-	const returned = await db.insert(wgClients).values(clients).returning({ insertedId: wgClients.id });
-
-	const ipAllocation: typeof ipAllocations.$inferInsert = {
-		clientId: returned[0].insertedId,
-	};
-	await db.insert(ipAllocations).values(ipAllocation);
-}
-
-seed();

src/lib/server/opnsense.ts

@@ -0,0 +1,11 @@
+import { env } from '$env/dynamic/private';
+import assert from 'node:assert';
+
+assert(env.OPNSENSE_API_URL, 'OPNSENSE_API_URL is not set');
+assert(env.OPNSENSE_API_KEY, 'OPNSENSE_API_KEY is not set');
+assert(env.OPNSENSE_API_SECRET, 'OPNSENSE_API_SECRET is not set');
+assert(env.OPNSENSE_WG_IFNAME, 'OPNSENSE_WG_IFNAME is not set');
+
+export const opnsenseUrl = env.OPNSENSE_API_URL;
+export const opnsenseAuth = `Basic ${Buffer.from(`${env.OPNSENSE_API_KEY}:${env.OPNSENSE_API_SECRET}`).toString('base64')}`
+export const opnsenseIfname = env.OPNSENSE_WG_IFNAME;

src/lib/server/opnsense/index.ts

@@ -1,49 +0,0 @@
-import { env } from '$env/dynamic/private';
-import assert from 'node:assert';
-import { encodeBasicCredentials } from 'arctic/dist/request';
-import { dev } from '$app/environment';
-import type { OpnsenseWgServers } from '$lib/opnsense/wg';
-
-assert(env.OPNSENSE_API_URL, 'OPNSENSE_API_URL is not set');
-assert(env.OPNSENSE_API_KEY, 'OPNSENSE_API_KEY is not set');
-assert(env.OPNSENSE_API_SECRET, 'OPNSENSE_API_SECRET is not set');
-assert(env.OPNSENSE_WG_IFNAME, 'OPNSENSE_WG_IFNAME is not set');
-
-export const opnsenseUrl = env.OPNSENSE_API_URL;
-export const opnsenseAuth =
-	'Basic ' + encodeBasicCredentials(env.OPNSENSE_API_KEY, env.OPNSENSE_API_SECRET);
-export const opnsenseIfname = env.OPNSENSE_WG_IFNAME;
-
-// unset secret for security
-if (!dev) env.OPNSENSE_API_SECRET = '';
-
-// this might be pretty bad if the server is down and in a bunch of other cases
-// TODO: write a retry loop later
-const resServers = await fetch(`${opnsenseUrl}/api/wireguard/client/list_servers`, {
-	method: 'GET',
-	headers: {
-		Authorization: opnsenseAuth,
-		Accept: 'application/json',
-	},
-});
-assert(resServers.ok, 'Failed to fetch OPNsense WireGuard servers');
-const servers = (await resServers.json()) as OpnsenseWgServers;
-assert.equal(servers.status, 'ok', 'Failed to fetch OPNsense WireGuard servers');
-export const serverUuid = servers.rows.find((server) => server.name === opnsenseIfname)?.uuid;
-assert(serverUuid, 'Failed to find server UUID for OPNsense WireGuard server');
-console.log('OPNsense WireGuard server UUID:', serverUuid);
-
-const resServerInfo = await fetch(
-	`${opnsenseUrl}/api/wireguard/client/get_server_info/${serverUuid}`,
-	{
-		method: 'GET',
-		headers: {
-			Authorization: opnsenseAuth,
-			Accept: 'application/json',
-		},
-	},
-);
-assert(resServerInfo.ok, 'Failed to fetch OPNsense WireGuard server info');
-const serverInfo = await resServerInfo.json();
-assert.equal(serverInfo.status, 'ok', 'Failed to fetch OPNsense WireGuard server info');
-export const serverPublicKey = serverInfo['pubkey'];

src/lib/types/clients.ts

@@ -1,11 +0,0 @@
-export type ClientDetails = {
-	id: number;
-	name: string;
-	publicKey: string;
-	privateKey: string | null;
-	preSharedKey: string | null;
-	ips: string[];
-	vpnPublicKey: string;
-	vpnEndpoint: string;
-	vpnDns: string;
-};

src/lib/types/index.ts

@@ -1,27 +0,0 @@
-class Ok<T> {
-	readonly _tag = 'ok';
-	value: T;
-
-	constructor(value: T) {
-		this.value = value;
-	}
-}
-
-class Err<E> {
-	readonly _tag = 'err';
-	error: E;
-
-	constructor(error: E) {
-		this.error = error;
-	}
-}
-
-export type Result<T, E> = Ok<T> | Err<E>;
-
-export function err<E>(e: E): Err<E> {
-	return new Err(e);
-}
-
-export function ok<T>(t: T): Ok<T> {
-	return new Ok(t);
-}

src/routes/+layout.svelte

@@ -6,24 +6,23 @@
 	const { data, children } = $props();
 	const { user } = data;
 
-	function getNavClass(path: RegExp) {
+	function getNavClass(path: string) {
-		return cn('hover:text-foreground/80 transition-colors',
+		return cn("hover:text-foreground/80 transition-colors",
-			path.test($page.url.pathname) ? 'text-foreground' : 'text-foreground/60');
+			$page.url.pathname === path ? "text-foreground" : "text-foreground/60");
 	}
 </script>
 
 <header class="p-4 sm:flex">
 	<span class=" mr-6 font-bold sm:inline-block">VPGen</span>
 	<nav class="flex items-center gap-6 text-sm">
-		<a href="/" class={getNavClass(/^\/$/)}>Home</a>
+		<a href="/" class={getNavClass("/")}>Home</a>
 		{#if user}
-			<a href="/user" class={getNavClass(/^\/user$/)}>Profile</a>
+			<a href="/user" class={getNavClass("/user")}>Profile</a>
-			<a href="/connections" class={getNavClass(/^\/connections$/)}>Connections</a>
+			<a href="/connections" class={getNavClass("/connections")}>Connections</a>
-			<a href="/clients" class={getNavClass(/^\/clients(\/\d+)?$/)}>Clients</a>
 		{/if}
 	</nav>
 </header>
-<main class="flex flex-col flex-grow p-4">
+<main class="flex-grow p-4">
 	{@render children()}
 </main>
 

src/routes/api/clients/+server.ts

@@ -1,42 +0,0 @@
-import { error } from '@sveltejs/kit';
-import type { RequestHandler } from './$types';
-import { createClient, findClients, mapClientToDetails } from '$lib/server/clients';
-
-export const GET: RequestHandler = async (event) => {
-	if (!event.locals.user) {
-		return error(401, 'Unauthorized');
-	}
-
-	const clients = await findClients(event.locals.user.id);
-	return new Response(
-		JSON.stringify({
-			clients: clients.map(mapClientToDetails),
-		}),
-	);
-};
-
-
-export type Clients = Awaited<ReturnType<typeof findClients>>;
-
-export const POST: RequestHandler = async (event) => {
-	if (!event.locals.user) {
-		return error(401, 'Unauthorized');
-	}
-	const { name } = await event.request.json();
-	const res = await createClient({
-		name,
-		user: event.locals.user,
-	});
-
-	switch (res._tag) {
-		case 'ok': {
-			return new Response(null, {
-				status: 201,
-			});
-		}
-		case 'err': {
-			const [status, message] = res.error;
-			return error(status, message);
-		}
-	}
-};

src/routes/api/clients/[id]/+server.ts

@@ -1,20 +0,0 @@
-import { error } from '@sveltejs/kit';
-import type { RequestHandler } from './$types';
-import { findClient, mapClientToDetails } from '$lib/server/clients';
-
-export const GET: RequestHandler = async (event) => {
-	if (!event.locals.user) {
-		return error(401, 'Unauthorized');
-	}
-
-	const { id } = event.params;
-	const clientId = parseInt(id);
-	if (isNaN(clientId)) {
-		return error(400, 'Invalid client ID');
-	}
-	const client = await findClient(event.locals.user.id, clientId);
-	if (!client) {
-		return error(404, 'Client not found');
-	}
-	return new Response(JSON.stringify(mapClientToDetails(client)));
-};

src/routes/api/connections/+server.ts

@@ -1,12 +1,9 @@
 import { error } from '@sveltejs/kit';
 import type { RequestHandler } from './$types';
-import { opnsenseAuth, opnsenseUrl } from '$lib/server/opnsense';
+import { opnsenseAuth, opnsenseIfname, opnsenseUrl } from '$lib/server/opnsense';
 import type { OpnsenseWgPeers } from '$lib/opnsense/wg';
 
-export const GET: RequestHandler = async (event) => {
+export const GET: RequestHandler = async () => {
-	if (!event.locals.user) {
-		return error(401, 'Unauthorized');
-	}
 	const apiUrl = `${opnsenseUrl}/api/wireguard/service/show`;
 	const options: RequestInit = {
 		method: 'POST',
@@ -16,23 +13,21 @@ export const GET: RequestHandler = async (event) => {
 			'Content-Type': 'application/json',
 		},
 		body: JSON.stringify({
-			'current': 1,
+			"current": 1,
 			// "rowCount": 7,
-			'sort': {},
+			"sort": {},
-			// TODO: use a more unique search phrase
+			"searchPhrase": "",
-			// unfortunately 64 character limit,
+			"type": ["peer"],
-			// but it should be fine if users can't change their own username
-			'searchPhrase': `vpgen-${event.locals.user.username}`,
-			'type': ['peer'],
 		}),
 	};
+	console.log("Fetching peers from OPNsense WireGuard API: ", apiUrl, options)
 
 	const res = await fetch(apiUrl, options);
 	const peers = await res.json() as OpnsenseWgPeers;
-	peers.rows = peers.rows.filter(peer => peer['latest-handshake'])
+	peers.rows = peers.rows.filter(peer => peer['latest-handshake'] && peer.ifname === opnsenseIfname)
 
 	if (!peers) {
-		return error(500, 'Error getting info from OPNsense API');
+		error(500, "Error getting info from OPNsense API");
 	}
 	return new Response(JSON.stringify(peers), {
 		headers: {

src/routes/auth/authentik/callback/+server.ts

@@ -39,7 +39,7 @@ export async function GET(event: RequestEvent): Promise<Response> {
 	const userId: string = claims.sub;
 	const username: string = claims.preferred_username;
 
-	const existingUser = await db.query.users.findFirst({where: eq(table.users.id, userId)});
+	const [existingUser] = await db.select().from(table.user).where(eq(table.user.id, userId));
 
 	if (existingUser) {
 		const session = await createSession(existingUser.id);
@@ -59,7 +59,7 @@ export async function GET(event: RequestEvent): Promise<Response> {
 	};
 
 	try {
-		await db.insert(table.users).values(user);
+		await db.insert(table.user).values(user);
 		const session = await createSession(user.id);
 		setSessionTokenCookie(event, session.id, session.expiresAt);
 	} catch (e) {

src/routes/clients/+page.server.ts

@@ -1,28 +0,0 @@
-import type { Actions } from './$types';
-import { createClient } from '$lib/server/clients';
-import { error } from '@sveltejs/kit';
-
-export const actions = {
-	create: async (event) => {
-		if (!event.locals.user) return error(401, 'Unauthorized');
-		const formData = await event.request.formData();
-		const name = formData.get('name');
-		if (typeof name !== 'string' || name.trim() === '') return error(400, 'Invalid name');
-		const res = await createClient({
-			name: name.trim(),
-			user: event.locals.user,
-		});
-
-		switch (res._tag) {
-			case 'ok': {
-				return {
-					status: 201,
-				};
-			}
-			case 'err': {
-				const [status, message] = res.error;
-				return error(status, message);
-			}
-		}
-	},
-} satisfies Actions;

src/routes/clients/+page.svelte

@@ -1,55 +0,0 @@
-<script lang="ts">
-	import * as Table from '$lib/components/ui/table';
-	import { Badge } from '$lib/components/ui/badge';
-	import { Button } from '$lib/components/ui/button';
-	import { Input } from '$lib/components/ui/input';
-	import type { PageData } from './$types';
-	import { LucidePlus } from 'lucide-svelte';
-
-	const { data }: { data: PageData } = $props();
-</script>
-
-<svelte:head>
-	<title>Clients</title>
-</svelte:head>
-
-<Table.Root class="bg-accent rounded-lg overflow-hidden divide-y-2 divide-background">
-	<Table.Header>
-		<Table.Row>
-			<Table.Head scope="col">Name</Table.Head>
-			<Table.Head scope="col">Public Key</Table.Head>
-<!--			<Table.Head scope="col">Private Key</Table.Head>-->
-<!--			<Table.Head scope="col">Pre-Shared Key</Table.Head>-->
-			<Table.Head scope="col">IP Allocation</Table.Head>
-		</Table.Row>
-	</Table.Header>
-	<Table.Body class="divide-y-2 divide-background">
-		{#each data.clients as client}
-			<Table.Row class="hover:bg-background hover:bg-opacity-40 group">
-				<Table.Head scope="row">
-					<a href={`/clients/${client.id}`} class="flex items-center size-full group-hover:underline">
-						{client.name}
-					</a>
-				</Table.Head>
-				<Table.Cell class="truncate">{client.publicKey}</Table.Cell>
-<!--				<Table.Cell class="truncate max-w-[10ch]">{client.privateKey}</Table.Cell>-->
-<!--				<Table.Cell class="truncate max-w-[10ch]">{client.preSharedKey}</Table.Cell>-->
-				<Table.Cell class="flex flex-wrap gap-1">
-					{#each client.ips as ip}
-						<Badge class="bg-background select-auto" variant="secondary">{ip}</Badge>
-					{/each}
-				</Table.Cell>
-			</Table.Row>
-		{/each}
-	</Table.Body>
-</Table.Root>
-
-<!--Floating action button for adding a new client-->
-<!--Not sure if this is the best place for the input field, will think about it later-->
-<form class="flex self-end mt-auto pt-4" method="post" action="?/create">
-	<Input type="text" name="name" placeholder="New Client" class="mr-2" />
-	<Button type="submit">
-		<LucidePlus class="mr-2 h-4 w-4" />
-		Add Client
-	</Button>
-</form>

src/routes/clients/+page.ts

@@ -1,9 +0,0 @@
-import type { PageLoad } from './$types';
-import type { ClientDetails } from '$lib/types/clients';
-
-export const load: PageLoad = async ({ fetch }) => {
-	const res = await fetch('/api/clients');
-	const { clients } = await res.json() as { clients: ClientDetails[] };
-
-	return { clients };
-};

src/routes/clients/[id]/+page.svelte

@@ -1,55 +0,0 @@
-<script lang="ts">
-	import type { PageData } from './$types';
-	import { LucideClipboardCopy } from 'lucide-svelte';
-	import { Button } from '$lib/components/ui/button';
-	import QRCode from 'qrcode-svg';
-
-	const { data }: { data: PageData } = $props();
-
-	let tooltipText = $state('Copy to clipboard');
-	let qrCode = new QRCode({
-		content: data.config,
-		join: true,
-	});
-
-	async function copyToClipboard() {
-		await navigator.clipboard.writeText(data.config);
-		tooltipText = 'Copied!';
-	}
-
-	function onMouseLeave() {
-		tooltipText = 'Copy to clipboard';
-	}
-</script>
-
-<svelte:head>
-	<title></title>
-</svelte:head>
-
-<h1 class="bg-accent text-lg w-fit rounded-lg p-2 mb-4">{data.client.name}</h1>
-
-<div class="flex flex-wrap gap-4">
-	<div class="relative bg-accent rounded-lg max-w-fit">
-		<div class="flex items-start p-2 overflow-x-auto">
-			<pre><code>{data.config}</code></pre>
-
-			<!--Copy button for the configuration-->
-			<!--Flex reverse for peer hover to work properly-->
-			<div class="absolute group flex flex-row-reverse items-center gap-1 right-2">
-				<Button class="peer size-10 p-2"
-								onclick={copyToClipboard}
-								onmouseleave={onMouseLeave}
-				>
-					<LucideClipboardCopy />
-				</Button>
-				<span class="hidden peer-hover:block bg-background text-xs rounded-lg p-2">
-				{tooltipText}
-			</span>
-			</div>
-		</div>
-	</div>
-
-	<div class="rounded-lg overflow-hidden">
-		{@html qrCode.svg()}
-	</div>
-</div>

src/routes/clients/[id]/+page.ts

@@ -1,16 +0,0 @@
-import type { PageLoad } from './$types';
-import type { ClientDetails } from '$lib/types/clients';
-import { clientDetailsToConfig } from '$lib/clients';
-import { error } from '@sveltejs/kit';
-
-export const load: PageLoad = async ({ fetch, params }) => {
-	const res = await fetch(`/api/clients/${params.id}`);
-	const resJson = await res.json();
-	if (!res.ok) {
-		return error(res.status, resJson['message']);
-	}
-	const client = resJson as ClientDetails;
-	const config = clientDetailsToConfig(client);
-
-	return { client, config };
-};

src/routes/connections/+page.svelte

@@ -33,30 +33,28 @@
 	<title>Connections</title>
 </svelte:head>
 
-<Table.Root class="bg-accent rounded-lg overflow-hidden divide-y-2 divide-background">
+<Table.Root class="bg-accent rounded-xl">
 	<Table.Header>
-		<Table.Row>
+		<Table.Head>Name</Table.Head>
-			<Table.Head scope="col">Name</Table.Head>
+		<Table.Head>Public Key</Table.Head>
-			<Table.Head scope="col">Public Key</Table.Head>
+		<Table.Head>Endpoint</Table.Head>
-			<Table.Head scope="col">Endpoint</Table.Head>
+		<Table.Head>Allowed IPs</Table.Head>
-			<Table.Head scope="col">Allowed IPs</Table.Head>
+		<Table.Head>Latest Handshake</Table.Head>
-			<Table.Head scope="col">Latest Handshake</Table.Head>
+		<Table.Head>RX</Table.Head>
-			<Table.Head scope="col">RX</Table.Head>
+		<Table.Head>TX</Table.Head>
-			<Table.Head scope="col">TX</Table.Head>
+		<Table.Head class="hidden">Persistent Keepalive</Table.Head>
-			<Table.Head scope="col" class="hidden">Persistent Keepalive</Table.Head>
+		<Table.Head class="hidden">Interface Name</Table.Head>
-			<Table.Head scope="col" class="hidden">Interface Name</Table.Head>
-		</Table.Row>
 	</Table.Header>
-	<Table.Body class="divide-y-2 divide-background">
+	<Table.Body>
 		{#each data.peers.rows as peer}
-			<Table.Row class="hover:bg-background hover:bg-opacity-40">
+			<Table.Row class="border-y-2 border-background">
-				<Table.Head scope="row">{peer.name}</Table.Head>
+				<Table.Cell>{peer.name}</Table.Cell>
 				<Table.Cell class="truncate max-w-[10ch]">{peer['public-key']}</Table.Cell>
 				<Table.Cell>{peer.endpoint}</Table.Cell>
 				<Table.Cell>
 					<div class="flex flex-wrap gap-1">
 						{#each peer['allowed-ips'].split(',') as addr}
-							<Badge class="bg-background select-auto" variant="secondary">{addr}</Badge>
+							<Badge class="bg-background" variant="secondary">{addr}</Badge>
 						{/each}
 					</div>
 				</Table.Cell>

src/routes/user/+page.svelte

@@ -7,9 +7,9 @@
 	let isLoadingSignOut = $state(false);
 
 	function refetch() {
-		console.log('refetching');
+		console.log("refetching");
 		invalidate((url) => {
-			console.log('invalidation url', url);
+			console.log("invalidation url", url);
 			return true;
 		});
 		invalidateAll();
@@ -20,9 +20,10 @@
 	<title>User Profile</title>
 </svelte:head>
 
-<pre>{JSON.stringify(data.user, null, 2)}</pre>
+<p>
+	{JSON.stringify(data.user)}
+</p>
 
-<div class="flex gap-2">
 <Button onclick={refetch}>
 		<LucideRefreshCw class="mr-2 h-4 w-4" />
 	Invalidate Data
@@ -37,4 +38,3 @@
 		Sign Out
 	</Button>
 </form>
-</div>