 tliu93
|
8da1f13e60
|
M2-T02: add session/auth JSON API for the SPA
- GET /api/session (user + csrf_token, 401 when unauthenticated)
- POST /api/auth/login (sets HttpOnly session cookie; 401 on bad creds; no CSRF)
- POST /api/auth/logout (session+CSRF; revokes session, clears cookie; 204)
- POST /api/auth/password (session+CSRF; reuses change_password; 400 on failure; 204)
- reuses app/services/auth.py and shared require_session/require_csrf deps
- register router in app/main.py; regenerate openapi/
- tests/test_api_session.py
|
2026-06-12 23:15:56 +02:00 |
|
|
tliu93
|
c2b1b7b751
|
M2-T01: add config JSON API (GET/PUT /api/config)
- new app/api/routes/api/ package with shared require_session (401) and
require_csrf (presence-only X-CSRF-Token, 403) dependencies
- GET /api/config returns masked config sections; PUT /api/config reuses
save_config_updates (blank secret keeps old; invalid -> 422, no write)
- session-protected; PUT also CSRF-protected
- register router in app/main.py; regenerate openapi/
- tests/test_api_config.py
|
2026-06-12 23:08:14 +02:00 |
|
|
tliu93
|
5a420bd37b
|
add get public and storage feature
|
2026-04-29 11:45:49 +02:00 |
|
|
tliu93
|
982af62f4f
|
Migrate TickTick OAuth and action tasks
|
2026-04-20 17:06:03 +02:00 |
|
|
tliu93
|
044b47c573
|
Migrate poo recorder and align Alembic naming
|
2026-04-20 11:48:48 +02:00 |
|
|
tliu93
|
e334df992f
|
Add Home Assistant inbound gateway
|
2026-04-20 10:42:35 +02:00 |
|
|
tliu93
|
d0dc8e893a
|
Tighten location request validation
|
2026-04-19 23:18:20 +02:00 |
|
|
tliu93
|
32cc6847fd
|
Migrate location recorder and refine db config
|
2026-04-19 21:39:23 +02:00 |
|
|
tliu93
|
31390882ef
|
Bootstrap Python rewrite skeleton
|
2026-04-19 20:19:58 +02:00 |
|