mirror of
https://github.com/kikootwo/ReadMeABook.git
synced 2026-06-04 05:10:11 +00:00
docs(auth): document token authentication flow
@@ -5,6 +5,7 @@
|
|||||||
## Authentication & Users
|
## Authentication & Users
|
||||||
- **Plex OAuth, JWT sessions, RBAC** → [backend/services/auth.md](backend/services/auth.md)
|
- **Plex OAuth, JWT sessions, RBAC** → [backend/services/auth.md](backend/services/auth.md)
|
||||||
- **Local admin authentication, password change** → [backend/services/auth.md](backend/services/auth.md)
|
- **Local admin authentication, password change** → [backend/services/auth.md](backend/services/auth.md)
|
||||||
|
- **Admin-generated login token per user (URL-login)** → [backend/services/auth.md](backend/services/auth.md)
|
||||||
- **Route protection, auth guards** → [frontend/routing-auth.md](frontend/routing-auth.md)
|
- **Route protection, auth guards** → [frontend/routing-auth.md](frontend/routing-auth.md)
|
||||||
- **Login page UI/UX** → [frontend/pages/login.md](frontend/pages/login.md)
|
- **Login page UI/UX** → [frontend/pages/login.md](frontend/pages/login.md)
|
||||||
|
|
||||||
|
|||||||
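Review bot: The new index entry calls the feature "URL-login", while the section it points to in backend/services/auth.md is headed "Admin-Generated Login Token" and never uses that term. Pick one name and use it in both places so a search for either finds the section. Since this is the third entry pointing at the same file, naming the target section in the entry text would also help readers land on the right part of it.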
@@ -249,6 +249,13 @@ oidc.admin_claim_value = 'readmeabook-admin'
|
|||||||
- **Admin Settings:** OIDC section in `/admin/settings` (auth tab)
|
- **Admin Settings:** OIDC section in `/admin/settings` (auth tab)
|
||||||
- **Library:** `openid-client` (OIDC discovery, token exchange, PKCE)
|
- **Library:** `openid-client` (OIDC discovery, token exchange, PKCE)
|
||||||
|
|
||||||
|
## Admin-Generated Login Token
|
||||||
|
|
||||||
|
- Login token stored as SHA-256 hash in `User.loginTokenHash`
|
||||||
|
- Admin generates/revokes via user permissions modal
|
||||||
|
- User login with token `/auth/token/login?token=rmab_...`
|
||||||
|
- Invalid token redirects to `/login`
|
||||||
|
|
||||||
## Security
|
## Security
|
||||||
|
|
||||||
- Never log tokens
|
- Never log tokens
|
||||||
|
|||||||
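Review bot: The documented login URL `/auth/token/login?token=rmab_...` puts the token in the query string, which sits awkwardly next to the "Never log tokens" rule in the Security section just below. Query strings are routinely recorded in reverse-proxy and web-server access logs and in browser history, and can leak through the Referer header. The section should say how the rule is upheld for this route, for example that the handler and any proxy in front of it redact the `token` parameter, and that a successful login redirects to a URL without it. The bullets also leave out what an operator needs to assess the risk: whether the token is single-use or reusable, whether it expires, and what session the user receives after a successful token login. Storing only a SHA-256 hash in `User.loginTokenHash` is reasonable when the token is a long random value, so it is worth stating how the `rmab_` token is generated and how long it is.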