pvm/crates/pvm-auth/src
Mikkel Georgsen ed0578cd07 Address security/tech debt: token refresh, JWKS thundering herd, config safety, jq migration
- Add token refresh logic in Auth.js JWT callback with 60s expiry buffer
- Fix JWKS cache thundering herd with Mutex + double-checked locking
- Make trustHost conditional (dev-only) via SvelteKit's $app/environment
- Make devMode conditional on ZITADEL_PRODUCTION env var in setup script
- Replace fragile grep/cut JSON parsing with jq in setup-zitadel.sh
- Add OIDC_GRANT_TYPE_REFRESH_TOKEN to Zitadel OIDC app grant types
- Update TODO_SECURITY.md: mark resolved items, add RefreshAccessTokenError frontend handling

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 13:17:42 +01:00
claims.rs Scaffold base webapp: Rust/Axum API + SvelteKit dashboard + Docker dev env 2026-02-08 03:37:07 +01:00
jwks.rs Address security/tech debt: token refresh, JWKS thundering herd, config safety, jq migration 2026-02-08 13:17:42 +01:00
lib.rs Scaffold base webapp: Rust/Axum API + SvelteKit dashboard + Docker dev env 2026-02-08 03:37:07 +01:00
middleware.rs Add Zitadel OIDC setup, SMTP config, and security fixes 2026-02-08 12:34:44 +01:00