tanabata

Go to file

Masahiko AMANO 296f44b4ed feat: implement auth service with JWT and session management

Login: bcrypt credential validation, session creation, JWT pair issuance.
Logout/TerminateSession: soft-delete session (is_active = false).
Refresh: token rotation — deactivate old session, issue new pair.
ListSessions: marks IsCurrent by comparing session IDs.
ParseAccessToken: for use by auth middleware.

Claims carry uid (int16), adm (bool), sid (int). Refresh tokens are
stored as SHA-256 hashes; raw tokens never reach the database.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-04 00:38:21 +03:00

backend

feat: implement auth service with JWT and session management

2026-04-04 00:38:21 +03:00

docs

docs: add reference Python/Flask implementation

2026-04-03 18:36:05 +03:00

frontend

feat: initialize SvelteKit frontend with Tailwind and OpenAPI types

2026-04-04 00:00:26 +03:00

.env.example

feat: config, migrations embed, and server entrypoint