Commit Graph

37 Commits

Author SHA1 Message Date
be71ec91c8 feat: add public watchlist export 2026-06-29 13:39:35 +02:00
4bae78ca56 test: add tests for session cookie hardening and POST logout 2026-06-27 21:05:52 +02:00
e9a167b2c9 refactor: use centralized session cookie helpers 2026-06-27 21:05:49 +02:00
a74087aa2a fix: change logout route from GET to POST 2026-06-27 21:05:41 +02:00
6edb93d5af feat: add HTTPS-aware session cookie helpers 2026-06-27 21:05:09 +02:00
88c066398e feat: add robots.txt and sitemap.xml 2026-06-27 16:30:33 +02:00
c68ee462e9 test: add auth handler middleware and service unit tests 2026-06-24 16:08:45 +02:00
69c1c9d507 refactor: remove metrics from server and database 2026-06-23 15:09:01 +02:00
6bff7bfaa3 Handle logout errors 2026-06-20 18:29:07 +02:00
a39dbed851 fix: log errors from expired session cleanup and token usage tracking 2026-06-16 01:10:42 +02:00
6187afad71 fix: log audit record failures instead of silently discarding 2026-06-16 00:31:33 +02:00
a1890e22cb auth: replace opaque invalid credentials with sentinel errors 2026-06-16 00:28:27 +02:00
bcd4106dce refactor: replace wrapper lambda with direct function reference 2026-06-13 21:26:32 +02:00
7265dec446 refactor: reduce cyclomatic complexity of AuthMiddleware 2026-06-11 12:57:26 +02:00
b862b6e08b docs: add package comments to auth and audit packages 2026-06-01 12:55:28 +02:00
82543d39fb refactor: update auth module imports for flattened package structure 2026-05-28 12:39:44 +02:00
9a0506913c refactor: move auth service from subdirectory 2026-05-28 12:37:51 +02:00
221155bed3 refactor: move auth repository from subdirectory 2026-05-28 12:37:42 +02:00
f9543d0d79 refactor: move auth middleware from subdirectory 2026-05-28 12:37:33 +02:00
d0d115cc93 refactor: move auth handler from subdirectory 2026-05-28 12:37:25 +02:00
f70e2e4bcd fix: add POST /login to public routes 2026-05-26 23:08:03 +02:00
5a054d250e refactor: domain auth types 2026-05-26 22:41:29 +02:00
9c3636f31a style: align struct fields in config, domain, and auth 2026-05-26 16:17:54 +02:00
6dd84976de feat: record audit events for api token creation and revocation 2026-05-26 16:14:31 +02:00
3331c96c06 fix: propagate rand.Read error in token generation 2026-05-26 15:56:49 +02:00
82072b256d refactor: extract public route check into declarative table 2026-05-26 15:32:28 +02:00
c2e4cae253 feat: add observability metrics 2026-05-23 17:13:18 +02:00
c5c15cdabc fix: rolling session renewal 2026-05-21 19:09:53 +02:00
237b5f3004 feat: add API token authentication 2026-05-19 02:46:47 +02:00
eb173ac072 chore: formatting 2026-05-14 12:30:06 +02:00
b625f024f3 fix: allow static and dist paths to bypass auth middleware 2026-05-13 16:04:50 +02:00
6f1b4db4f5 fix: enforce authentication by redirecting unauthenticated users to login 2026-05-13 15:23:37 +02:00
345853406c refactor: general architectural cleanup and bug fixes 2026-05-13 11:20:49 +02:00
1b88c4597c feat: implement auth middleware using domain service 2026-05-13 11:20:48 +02:00
34aeb91252 feat: migrate auth module to modular domain pattern 2026-05-13 10:31:46 +02:00
67468b41a0 chore: remove old auth.go 2026-04-06 22:37:53 +02:00
1ab6f57aa4 sec: enforce global auth and remove registration 2026-04-06 07:03:44 +02:00