tanabata

History

Masahiko AMANO 277f42035c feat(backend): implement auth service with JWT and session management

Login: bcrypt credential validation, session creation, JWT pair issuance.
Logout/TerminateSession: soft-delete session (is_active = false).
Refresh: token rotation — deactivate old session, issue new pair.
ListSessions: marks IsCurrent by comparing session IDs.
ParseAccessToken: for use by auth middleware.

Claims carry uid (int16), adm (bool), sid (int). Refresh tokens are
stored as SHA-256 hashes; raw tokens never reach the database.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-04 00:38:21 +03:00

config

feat(backend): config, migrations embed, and server entrypoint

2026-04-03 18:57:17 +03:00

feat(backend): implement db helpers and postgres pool/transactor

2026-04-04 00:34:45 +03:00

domain

refactor(backend): strengthen domain layer types and add missing page types

2026-04-04 00:06:44 +03:00

port

feat(backend): implement port interfaces (repository and storage)

2026-04-04 00:11:06 +03:00

service

feat(backend): implement auth service with JWT and session management

2026-04-04 00:38:21 +03:00