mikkel/pvm - Git @ Georgsen: Vibecoders Unite!

mikkel/pvm

Fork 0

Commit graph

Author	SHA1	Message	Date
Mikkel Georgsen	a22ba48709	Add Zitadel OIDC setup, SMTP config, and security fixes - Add setup-zitadel.sh: idempotent script that creates PVM project and OIDC app via Zitadel Management API using machine user PAT - Add machine user + PAT auto-generation to docker-compose via FIRSTINSTANCE env vars with bind-mounted machinekey directory - Add SMTP configuration for email sending (verification, password reset) - Fix JWT algorithm confusion attack: restrict to RS256/384/512 only - Add docs/TODO_SECURITY.md tracking review findings - Update .env.example files with correct local dev URLs - Add docker/machinekey/ to .gitignore Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-08 12:34:44 +01:00
Mikkel Georgsen	c972926d31	Scaffold base webapp: Rust/Axum API + SvelteKit dashboard + Docker dev env Backend (Rust/Axum): - pvm-api: Axum server with health and user profile endpoints, OpenAPI/Swagger UI, CORS, tracing, graceful shutdown - pvm-auth: JWT validation middleware with JWKS cache for offline-capable Zitadel token verification - pvm-core: Shared error types with IntoResponse impl - pvm-types: Shared domain types (UserProfile) Frontend (SvelteKit): - Dashboard app with Svelte 5 + TypeScript + Tailwind CSS v4 - Zitadel OIDC auth via @auth/sveltekit (PKCE flow) - Pages: landing, sign-in, dashboard, account settings - Responsive sidebar layout with dark mode support - Typed API client for backend communication Infrastructure: - Docker Compose dev environment with Zitadel v3, PostgreSQL 16, and DragonflyDB - Environment variable examples and setup documentation Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-08 03:37:07 +01:00

Author

SHA1

Message

Date

Mikkel Georgsen

a22ba48709

Add Zitadel OIDC setup, SMTP config, and security fixes

- Add setup-zitadel.sh: idempotent script that creates PVM project
  and OIDC app via Zitadel Management API using machine user PAT
- Add machine user + PAT auto-generation to docker-compose via
  FIRSTINSTANCE env vars with bind-mounted machinekey directory
- Add SMTP configuration for email sending (verification, password reset)
- Fix JWT algorithm confusion attack: restrict to RS256/384/512 only
- Add docs/TODO_SECURITY.md tracking review findings
- Update .env.example files with correct local dev URLs
- Add docker/machinekey/ to .gitignore

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-08 12:34:44 +01:00

Mikkel Georgsen

c972926d31

Scaffold base webapp: Rust/Axum API + SvelteKit dashboard + Docker dev env

Backend (Rust/Axum):
- pvm-api: Axum server with health and user profile endpoints,
  OpenAPI/Swagger UI, CORS, tracing, graceful shutdown
- pvm-auth: JWT validation middleware with JWKS cache for
  offline-capable Zitadel token verification
- pvm-core: Shared error types with IntoResponse impl
- pvm-types: Shared domain types (UserProfile)

Frontend (SvelteKit):
- Dashboard app with Svelte 5 + TypeScript + Tailwind CSS v4
- Zitadel OIDC auth via @auth/sveltekit (PKCE flow)
- Pages: landing, sign-in, dashboard, account settings
- Responsive sidebar layout with dark mode support
- Typed API client for backend communication

Infrastructure:
- Docker Compose dev environment with Zitadel v3, PostgreSQL 16,
  and DragonflyDB
- Environment variable examples and setup documentation

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-08 03:37:07 +01:00

2 commits