feat(templates): display username with full name across admin views

[appleboy]

Summary

Render AuthGate users as username (full_name) across the admin/consent UI — falling back to just username when the full name is empty — via a single shared UserDisplay helper. Previously these surfaces showed only the username, so admins couldn't tell two similarly-named accounts apart at a glance.

What changed

• templates/props.go — new package-level UserDisplay(username, fullName string) string: returns "username (full_name)" when fullName is non-empty, else username. Added FullName to AuthorizePageProps.
• Pure template layer — applied the helper to the title/message sentences in admin_user_authorizations, admin_user_connections, admin_user_password_reset, and refactored the pre-existing inline two-span logic in admin_client_authorizations to use it.
• Three low-risk backend sites (zero schema change, zero extra queries) — TokenWithUser.FullName and ClientWithCreator.CreatorFullName are populated from the already-fetched GetUsersByIDs map in token_query.go / client.go; ShowAuthorizePage passes user.FullName from its already-loaded user. Templates admin_tokens (User column), admin_clients (Creator column, keeps the existing != "" guard → "Unknown"), and authorize ("Signed in as") render via the helper.

Intentionally not touched: navbar DisplayName() (different format — full-name-or-username), the user list/detail/created/form pages (already have a dedicated Full Name column/field), third-party ProviderUsername/ProviderEmail, and the audit/dashboard ActorUsername snapshot columns (denormalized, no ActorFullName).

AI Authorship

• AI was used. Details:
  • Tool / model: Claude Code (Opus 4.8), executing a pre-written plan.md, then refined by an automated 4-agent /simplify review pass (reuse / simplification / efficiency / altitude — concluded the diff was already clean).
  • AI-authored files: all files in this PR.
  • Human line-by-line reviewed: ⚠️ TODO — author to confirm before merge.

Change classification

• Leaf node (local impact) — display-string formatting in templates plus three view-model fields. A bug would render a username without its parenthetical full name; impact is cosmetic and local.
• Core code

Plan reference

Goal (from plan.md): change "display AuthGate username" sites in internal/templates/ from username-only to username (full_name), omitting the (xxx) entirely when full_name is empty. Scope explicitly limited to the helper, three pure-template sites, and three low-risk backend sites with no schema/migration/query changes.

Verification

• Unit tests — table-driven tests for UserDisplay: ("admin","Administrator")→"admin (Administrator)", ("admin","")→"admin", ("u1","Wang Xiaoming")→"u1 (Wang Xiaoming)".
• Integration tests — N/A (no new logic paths; the backend change is one field assignment from an already-fetched object).
• At least 3 e2e tests — N/A for a leaf display change.
• Stress / soak test — N/A.
• Build/lint: make generate, make build, make test (templates/services/handlers), make fmt, make lint (0 issues) all pass locally.
• Manual verification (reviewer): start ./bin/authgate server; with a user that has a Full Name, open /admin/users/:id/authorizations → title reads Applications that admin (Administrator) has granted access to; with a user that has no Full Name → Applications that someuser has granted access to (no empty parens). Spot-check /admin/tokens, /admin/clients, /oauth/authorize. Confirm no regression on navbar, /admin/users list, and /admin/audit actor column.

Verifiability check

• Inputs/outputs documented (helper contract + the 3 test cases).
• Reviewer can judge correctness from the helper + signatures without reading every template.
• Failures surface visually in the UI.

Risk & rollback

• Risk: accidentally altering a page that already has a dedicated Full Name field (duplicate display), or forgetting make generate so the UI doesn't reflect .templ edits. Both were guarded against — see the "not touched" list and the build steps above.
• Rollback: pure additive change (one helper, struct fields, template edits). git revert the commit and re-run make generate; no DB migration to undo.

Reviewer guide

• Read carefully: internal/templates/props.go (UserDisplay contract + the new AuthorizePageProps.FullName); the two enrichment loops in internal/services/token_query.go and internal/services/client.go (confirm the field is filled from the existing userMap, not a new query).
• Spot-check OK: the seven .templ call sites — each is a one-line swap to UserDisplay(...); admin_clients keeps its != "" → "Unknown" guard.

🤖 Generated with Claude Code

[Copilot]

Pull request overview

This PR standardizes how users are displayed across the admin + consent UI by rendering them as username (full_name) when a full name is present, otherwise just username, via a shared templates.UserDisplay helper.

Changes:

• Added UserDisplay(username, fullName string) helper and extended AuthorizePageProps with FullName.
• Updated multiple admin and consent templates to use UserDisplay consistently (tokens, clients, authorizations, connections, password reset, authorize page).
• Enriched backend view-model structs (TokenWithUser, ClientWithCreator) and authorize page props to carry full name from already-loaded user records (no new queries).

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
internal/templates/props.go	Adds UserDisplay helper and AuthorizePageProps.FullName for consent UI rendering.
internal/templates/props_test.go	Adds unit tests covering UserDisplay formatting and empty-full-name fallback.
internal/templates/authorize.templ	Shows “Signed in as …” using UserDisplay(props.Username, props.FullName).
internal/templates/admin_user_password_reset.templ	Uses UserDisplay in the success message for the target user.
internal/templates/admin_user_connections.templ	Uses UserDisplay when describing the linked external identities target user.
internal/templates/admin_user_authorizations.templ	Uses UserDisplay in the “Applications that … has granted access to” line.
internal/templates/admin_tokens.templ	Uses UserDisplay(tok.Username, tok.FullName) in the User column.
internal/templates/admin_clients.templ	Uses UserDisplay(client.CreatorUsername, client.CreatorFullName) in the Creator column (preserving Unknown guard).
internal/templates/admin_client_authorizations.templ	Refactors inline conditional full-name rendering to the shared UserDisplay helper.
internal/services/token_query.go	Adds TokenWithUser.FullName and populates it from GetUsersByIDs map.
internal/services/client.go	Adds ClientWithCreator.CreatorFullName and populates it from GetUsersByIDs map.
internal/handlers/authorization.go	Passes user.FullName into AuthorizePageProps for consent rendering.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[codecov]

Codecov Report

❌ Patch coverage is 90.90909% with 1 line in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
internal/handlers/authorization.go	0.00%	1 Missing ⚠️

📢 Thoughts on this report? Let us know!

[Copilot]

Pull request overview

Copilot reviewed 12 out of 12 changed files in this pull request and generated 1 comment.

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated 2 comments.

[Copilot]

Pull request overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated no new comments.