Phase 1: Secret List & Detail View (Read-Only UI) #192
Description
🎯 Goal
Implement the foundational read-only UI for displaying secrets: a list view with search/filter and a detail view showing all secret fields.
🔗 Parent Epic
Part of: #191 (Secret Management Frontend)
📋 Tasks
Secret List Page
- Create
SecretList.tsxpage component - Implement grid/list view toggle
- Add search bar (filter by title)
- Add tag filter dropdown
- Add expiration filter (expired, expiring soon, no expiration)
- Implement pagination (20 items per page)
- Add loading states
- Add empty state ("No secrets yet")
- Add error handling
Secret Card Component
- Create
SecretCard.tsxcomponent - Display title, username, tags
- Show expiration badge (if applicable)
- Show shared indicator icon
- Show attachment count badge
- Add click handler to navigate to detail
- Implement responsive design
Secret Detail Page
- Create
SecretDetail.tsxpage component - Display all fields (title, username, password, URL, notes)
- Add "Show Password" toggle button
- Display tags as chips
- Show expiration date (with warning if expired)
- Display creation/update timestamps
- Show owner information
- Show shared-with list (read-only)
- Show attachments list (read-only)
- Add loading state
- Add error handling (404 if secret not found)
API Service
- Create
services/secretApi.ts - Implement
getSecrets()function - Implement
getSecretById(id)function - Add TypeScript interfaces for Secret types
- Add error handling (401, 403, 404, 500)
- Add request/response logging (non-sensitive)
Routing
- Add
/secretsroute → SecretList - Add
/secrets/:idroute → SecretDetail - Add navigation menu item
Tests
- Unit tests for
secretApi.ts(≥80% coverage) - Component tests for
SecretList.tsx - Component tests for
SecretCard.tsx - Component tests for
SecretDetail.tsx - Integration test: List → Detail navigation
🎨 UI Mockup
Secret List
┌─────────────────────────────────────────────────────────┐
│ Secrets [Grid] [List] [+] │
├─────────────────────────────────────────────────────────┤
│ 🔍 Search... Tags: [All ▾] Expires: [All ▾]│
├─────────────────────────────────────────────────────────┤
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ │
│ │ �� Gmail │ │ 🔒 GitHub │ │ 🔒 AWS │ │
│ │ user@email │ │ @username │ │ root │ │
│ │ #work #email │ │ #dev │ │ #cloud #work │ │
│ │ 📎 2 👥 3 │ │ 📎 0 �� 1 │ │ 📎 5 👥 2 │ │
│ └──────────────┘ └──────────────┘ └──────────────┘ │
│ │
│ Page 1 of 3 [1] 2 3 > │
└─────────────────────────────────────────────────────────┘
Secret Detail
┌─────────────────────────────────────────────────────────┐
│ < Back Gmail Account [Edit] [Share] │
├─────────────────────────────────────────────────────────┤
│ Title: Gmail Account │
│ Username: user@example.com │
│ Password: •••••••••••• [Show] │
│ URL: https://gmail.com │
│ Tags: #work #email │
│ Expires: 2025-12-31 ⚠️ (39 days) │
│ │
│ Notes: │
│ Main work email account. Reset password every 90 days. │
│ │
│ Attachments: (2) │
│ 📄 recovery-codes.txt (1.2 KB) │
│ 📄 backup-email.pdf (245 KB) │
│ │
│ Shared with: (3) │
│ 👤 John Doe (read) │
│ �� Jane Smith (write) │
│ 👥 Admins (admin) │
│ │
│ Created: 2025-10-01 by You │
│ Updated: 2025-11-15 │
└─────────────────────────────────────────────────────────┘
🔗 API Endpoints (Backend)
// List secrets
GET /api/v1/secrets
Query: ?search=gmail&tags=work,email&page=1&per_page=20
Response:
{
"data": [
{
"id": "uuid",
"title": "Gmail Account",
"username": "user@example.com",
"url": "https://gmail.com",
"tags": ["work", "email"],
"expires_at": "2025-12-31T23:59:59Z",
"attachment_count": 2,
"is_shared": true,
"created_at": "2025-10-01T10:00:00Z",
"updated_at": "2025-11-15T14:30:00Z"
}
],
"meta": {
"current_page": 1,
"total": 42,
"per_page": 20
}
}
// Get single secret
GET /api/v1/secrets/{id}
Response:
{
"data": {
"id": "uuid",
"title": "Gmail Account",
"username": "user@example.com",
"password": "decrypted-password",
"url": "https://gmail.com",
"notes": "Main work email...",
"tags": ["work", "email"],
"expires_at": "2025-12-31T23:59:59Z",
"owner": {
"id": "uuid",
"name": "You"
},
"attachments": [...],
"shares": [...],
"created_at": "2025-10-01T10:00:00Z",
"updated_at": "2025-11-15T14:30:00Z"
}
}✅ Acceptance Criteria
- Secret list displays all user's secrets
- Search filters secrets by title (client-side for Phase 1)
- Tag filter works correctly
- Expiration filter works correctly
- Pagination works (prev/next/page numbers)
- Grid/List view toggle persists preference
- Secret detail shows all fields correctly
- Password field is hidden by default
- "Show Password" button works
- Navigation: List → Detail → Back works
- Loading states show during API calls
- Error states display user-friendly messages
- Empty state shown when no secrets exist
- Responsive design works on mobile/tablet/desktop
- All tests pass (≥80% coverage)
- Accessibility: Keyboard navigation works
- Accessibility: Screen reader compatible
🔒 Security Notes
⚠️ Password field must usetype="password"by default⚠️ Never log decrypted passwords⚠️ Clear password from DOM when navigating away⚠️ Respect backend permissions (hide edit/share buttons if no permission)
📊 Estimated Effort
Size: ~400-500 LOC (excluding tests)
Time: 3-4 days
PR Count: 1 PR
🔗 Dependencies
- Backend API ([EPIC] Secret Management System (Password Vault) api#173) ✅ Complete
- No frontend dependencies
🔗 Blocks
- Phase 2 (Create/Edit Forms)
Type: Sub-Issue of #191
Priority: High
Estimated Effort: M (3-4 days)