chore

ryan/chore

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ryan Kegel	ebaef16daf	feat: implement long-term user login with refresh tokens All checks were successful Chore App Build, Test, and Push Docker Images / build-and-push (push) Successful in 3m23s Details - Introduced a dual-token system for user authentication: a short-lived access token and a long-lived rotating refresh token. - Created a new RefreshToken model to manage refresh tokens securely. - Updated auth_api.py to handle login, refresh, and logout processes with the new token system. - Enhanced security measures including token rotation and theft detection. - Updated frontend to handle token refresh on 401 errors and adjusted SSE authentication. - Removed CORS middleware as it's unnecessary behind the nginx proxy. - Added tests to ensure functionality and security of the new token system.	2026-03-01 19:27:25 -05:00
Ryan Kegel	7e7a2ef49e	Implement account deletion handling and improve user feedback Some checks failed Chore App Build and Push Docker Images / build-and-push (push) Has been cancelled Details - Added checks for accounts marked for deletion in signup, verification, and password reset processes. - Updated reward and task listing to sort user-created items first. - Enhanced user API to clear verification and reset tokens when marking accounts for deletion. - Introduced tests for marked accounts to ensure proper handling in various scenarios. - Updated profile and reward edit components to reflect changes in validation and data handling.	2026-02-17 10:38:26 -05:00

Author

SHA1

Message

Date

Ryan Kegel

ebaef16daf

feat: implement long-term user login with refresh tokens

Chore App Build, Test, and Push Docker Images / build-and-push (push) Successful in 3m23s

Details

- Introduced a dual-token system for user authentication: a short-lived access token and a long-lived rotating refresh token.
- Created a new RefreshToken model to manage refresh tokens securely.
- Updated auth_api.py to handle login, refresh, and logout processes with the new token system.
- Enhanced security measures including token rotation and theft detection.
- Updated frontend to handle token refresh on 401 errors and adjusted SSE authentication.
- Removed CORS middleware as it's unnecessary behind the nginx proxy.
- Added tests to ensure functionality and security of the new token system.

2026-03-01 19:27:25 -05:00

Ryan Kegel

7e7a2ef49e

Implement account deletion handling and improve user feedback

Chore App Build and Push Docker Images / build-and-push (push) Has been cancelled

Details

- Added checks for accounts marked for deletion in signup, verification, and password reset processes.
- Updated reward and task listing to sort user-created items first.
- Enhanced user API to clear verification and reset tokens when marking accounts for deletion.
- Introduced tests for marked accounts to ensure proper handling in various scenarios.
- Updated profile and reward edit components to reflect changes in validation and data handling.

2026-02-17 10:38:26 -05:00

2 Commits