ReadMeABook

barbercollie/ReadMeABook

Fork 1

mirror of https://github.com/kikootwo/ReadMeABook.git synced 2026-06-03 21:00:09 +00:00

Commit Graph

Author	SHA1	Message	Date
kikootwo	4322c3af90	Add session revocation & consolidate rate limiting Add sessions_invalidated_at to users (migration + Prisma schema) to support immediate session revocation. Set sessionsInvalidatedAt when an admin revokes a user's login token and enforce revocation checks in auth middleware and the refresh endpoint (compare token iat against sessionsInvalidatedAt). Add optional iat fields to JWT payload types. Scrub token from browser history after token-login. Consolidate rate-limiting logic into src/lib/utils/rateLimit.ts (rename/merge previous auth/apiToken rate limiter implementations), remove the old apiTokenRateLimit.ts, and update imports and tests to use the new module.	2026-03-13 12:41:07 -04:00
Orvanix	5ae58a36b4	refactor(auth): reuse tokenHash from generateApiToken	2026-03-12 18:02:03 +00:00
Orvanix	2749902564	feat(auth): add admin login token management	2026-03-12 11:04:01 +00:00

Author

SHA1

Message

Date

kikootwo

4322c3af90

Add session revocation & consolidate rate limiting

Add sessions_invalidated_at to users (migration + Prisma schema) to support immediate session revocation. Set sessionsInvalidatedAt when an admin revokes a user's login token and enforce revocation checks in auth middleware and the refresh endpoint (compare token iat against sessionsInvalidatedAt). Add optional iat fields to JWT payload types. Scrub token from browser history after token-login. Consolidate rate-limiting logic into src/lib/utils/rateLimit.ts (rename/merge previous auth/apiToken rate limiter implementations), remove the old apiTokenRateLimit.ts, and update imports and tests to use the new module.

2026-03-13 12:41:07 -04:00

Orvanix

5ae58a36b4

refactor(auth): reuse tokenHash from generateApiToken

2026-03-12 18:02:03 +00:00

Orvanix

2749902564

feat(auth): add admin login token management

2026-03-12 11:04:01 +00:00

3 Commits