root/smart-home-server

Fork: 0

root / smart-home-server

History for smart-home-server / docs / planning

2026-06-07	e7afa05 Browse files » Phase 2 session stability: refresh queue, Bearer fallback, proactive refresh Eugene Sukhodolskiy committed 7 hours ago
	0958b86 Browse files » Update auth-fix-plan: mark Phase 1 tasks completed Eugene Sukhodolskiy committed 8 hours ago
	e90acee Browse files » Phase 1 auth security hotfixes: cookie-based session, bearer checks, router guard sync ... - Remove access_token from OAuth callback URL (token leak fix) - Add sanitizeReturnTo() to prevent open redirect on login/callback - Add Bearer token expiration check in resolve_user_by_bearer() - Add user status check in load_user_by_id() (block inactive/banned) - Cache authStore.init() promise to prevent race condition - Await auth init in router beforeEach guard - Remove URL token parsing from main.js and LoginPage - Remove hasTokenInUrl workaround from client.js 401 handler Eugene Sukhodolskiy committed 8 hours ago
2026-06-06	aeabd40 Browse files » Update docs: guest is explicit authenticated role, no anonymous access Eugene Sukhodolskiy committed 1 day ago
2026-06-06	3f75d33 Browse files » Phase 0: gnexus-auth integration infrastructure ... - Add gnexus/auth-client via Composer vcs - Thin PSR-18/17 cURL adapter (zero extra deps) - SessionStateStore, SessionPkceStore, DbTokenStore - AuthService wrapper: login URL, callback, logout, refresh, me - UserResolver + PermissionResolver - AuthController (login, callback, logout, me, refresh) - WebhookController + WebhookRouter + event handlers - AuthControllerTrait for endpoint protection - Migration: 9 tables (users, roles, permissions, overrides, groups, members, group_perms, sessions, audit) + seed data - Remove old Example_AuthController - Add GAUTH_* env variables to config and .env.example Eugene Sukhodolskiy committed 1 day ago