pvm/crates/pvm-auth
Mikkel Georgsen ed0578cd07 Address security/tech debt: token refresh, JWKS thundering herd, config safety, jq migration
- Add token refresh logic in Auth.js JWT callback with 60s expiry buffer
- Fix JWKS cache thundering herd with Mutex + double-checked locking
- Make trustHost conditional (dev-only) via SvelteKit's $app/environment
- Make devMode conditional on ZITADEL_PRODUCTION env var in setup script
- Replace fragile grep/cut JSON parsing with jq in setup-zitadel.sh
- Add OIDC_GRANT_TYPE_REFRESH_TOKEN to Zitadel OIDC app grant types
- Update TODO_SECURITY.md: mark resolved items, add RefreshAccessTokenError frontend handling

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 13:17:42 +01:00
src Address security/tech debt: token refresh, JWKS thundering herd, config safety, jq migration 2026-02-08 13:17:42 +01:00
Cargo.toml Scaffold base webapp: Rust/Axum API + SvelteKit dashboard + Docker dev env 2026-02-08 03:37:07 +01:00