feat: implement deactivated account pattern for migration

.changeset/create-pds-ux.md

@@ -0,0 +1,5 @@
+---
+"create-pds": patch
+---
+
+Improve UX with clearer prompts

.changeset/deactivated-account-pattern.md

@@ -0,0 +1,34 @@
+---
+"@ascorbic/pds": minor
+---
+
+Implement deactivated account pattern for seamless account migration
+
+**Account State Management:**
+- Add account activation state tracking to support migration workflows
+- New `INITIAL_ACTIVE` environment variable controls whether accounts start active or deactivated
+- Accounts can transition between active and deactivated states
+
+**Migration Endpoints:**
+- `POST /xrpc/com.atproto.server.activateAccount` - Enable writes and firehose events
+- `POST /xrpc/com.atproto.server.deactivateAccount` - Disable writes while keeping reads available
+- Enhanced `getAccountStatus` to return actual activation state and migration metrics
+
+**Write Protection:**
+- Write operations (`createRecord`, `putRecord`, `deleteRecord`, `applyWrites`) are blocked when account is deactivated
+- Returns clear "AccountDeactivated" error with helpful instructions
+- Read operations, `importRepo`, `uploadBlob`, and `activateAccount` remain available
+
+**Improved Setup Flow:**
+- `pds init` now asks if you're migrating an existing account
+- For migrations: auto-resolves handle to DID, deploys account as deactivated
+- For new accounts: generates identity, deploys as active
+- Worker name automatically generated from handle using smart slugification
+
+**Migration UX:**
+- Handle resolution using DNS-over-HTTPS via `@atproto-labs/handle-resolver`
+- Retry logic with helpful error messages for failed handle lookups
+- Step-by-step guidance for export, import, PLC update, and activation
+- Custom domain validation to prevent using hosted handles (*.bsky.social)
+
+This enables users to safely migrate their Bluesky accounts to self-hosted infrastructure with a clean, resumable workflow.

.changeset/oauth-provider-initial.md

@@ -0,0 +1,28 @@
+---
+"@ascorbic/atproto-oauth-provider": minor
+---
+
+Initial release of AT Protocol OAuth 2.1 Provider
+
+A complete OAuth 2.1 Authorization Server implementation for AT Protocol, enabling "Login with Bluesky" functionality.
+
+**Features:**
+- Full OAuth 2.1 Authorization Code flow with PKCE
+- DPoP (Demonstrating Proof of Possession) support for token binding
+- PAR (Pushed Authorization Requests) for secure request initiation
+- Client metadata discovery and validation
+- Token rotation and revocation
+- SQLite-based storage adapter for Durable Objects
+
+**Security:**
+- Cryptographically secure token generation
+- PKCE challenge verification (SHA-256)
+- DPoP proof validation with replay protection
+- Token binding to prevent token theft
+
+**Compatibility:**
+- Integrates with `@atproto/oauth-client` for client applications
+- Storage interface allows custom backends beyond SQLite
+- Built for Cloudflare Workers with Durable Objects
+
+This package enables AT Protocol PDSs to act as OAuth providers, allowing users to authenticate with third-party applications using their PDS identity.

.github/workflows/e2e.yml

@@ -0,0 +1,28 @@
+name: E2E Tests
+on:
+  pull_request:
+  push:
+    branches: [main]
+jobs:
+  e2e:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5
+      - uses: pnpm/action-setup@v2
+        with:
+          version: 10.26.2
+      - name: Setup Node
+        uses: actions/setup-node@v6
+        with:
+          cache: "pnpm"
+          check-latest: true
+          registry-url: "https://registry.npmjs.org"
+      - name: Install dependencies
+        run: |
+          corepack enable
+          pnpm install
+      - name: Build
+        run: pnpm build
+      - name: E2E Tests
+        run: pnpm --filter @ascorbic/pds test:e2e

knip.json

@@ -11,8 +11,8 @@
 			"ignoreDependencies": ["@changesets/cli"]
 		},
 		"packages/pds": {
-			"ignore": ["scripts/**", "test/fixtures/**"],
-			"ignoreDependencies": ["tsx", "ws", "@types/ws"]
+			"ignore": ["scripts/**", "test/fixtures/**", "e2e/fixture/**"],
+			"ignoreDependencies": ["tsx", "vite", "@cloudflare/vite-plugin"]
 		},
 		"packages/create-pds": {
 			"ignore": ["templates/**"]

packages/create-pds/src/index.ts

@@ -106,7 +106,7 @@ const main = defineCommand({
 	args: {
 		name: {
 			type: "positional",
-			description: "Project name",
+			description: "Folder name",
 			required: false,
 		},
 		"package-manager": {
@@ -138,32 +138,33 @@ const main = defineCommand({
 	},
 	async run({ args }) {
 		const nonInteractive = args.yes || !process.stdout.isTTY;
-		p.intro("Create PDS");
+		p.intro("🦋 Create PDS");
 
+		p.log.info("Let's build your new home in the Atmosphere!");
 		p.log.warn(
-			"This is experimental software. Do not migrate your main Bluesky account yet.",
+			"This is experimental software. Don't migrate your main account yet.",
 		);
 
 		if (!nonInteractive) {
-			p.note("Use --yes to run non-interactively", "Tip");
+			p.log.message("Tip: Use --yes to skip prompts");
 		}
 
-		// Get project name
+		// Get folder name
 		let projectName = args.name;
 		if (!projectName) {
 			if (nonInteractive) {
-				projectName = "pds-worker";
+				projectName = "my-pds";
 			} else {
 				const result = await p.text({
-					message: "Project name:",
-					placeholder: "pds-worker",
-					defaultValue: "pds-worker",
+					message: "Folder name:",
+					placeholder: "my-pds",
+					defaultValue: "my-pds",
 				});
 				if (p.isCancel(result)) {
 					p.cancel("Cancelled");
 					process.exit(0);
 				}
-				projectName = result || "pds-worker";
+				projectName = result || "my-pds";
 			}
 		}
 
@@ -273,7 +274,7 @@ const main = defineCommand({
 
 		// Run pds init
 		if (!args["skip-init"] && !args["skip-install"]) {
-			p.log.info("Now let's configure your PDS for local development");
+			p.log.info("Now let's set up your account...");
 
 			try {
 				const pdsArgs = ["run", "pds", "init"];
@@ -305,10 +306,10 @@ const main = defineCommand({
 				"",
 				"Your PDS will be running at http://localhost:5173",
 			].join("\n"),
-			"Next steps",
+			"Next Steps",
 		);
 
-		p.outro("Happy building!");
+		p.outro("Welcome to the Atmosphere! 🦋");
 	},
 });