| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2026-02-13 | feat(auth): store JWT in HTTP-only cookie instead of JS-accessible cookie | nsfisis | |
| Prevent XSS-based token theft by making the JWT inaccessible to JavaScript. The backend now sets/clears the cookie via Set-Cookie headers, and the frontend retrieves user info from /api/me instead of decoding the JWT directly. - Add JWTCookieMiddleware to parse cookie and inject claims into context - Add /me and /logout endpoints to OpenAPI spec and handlers - Update PostLogin to return user object + Set-Cookie header - Replace Authorization header auth with cookie-based auth throughout - Rewrite frontend auth to use /api/me instead of jwt-decode - Remove jwt-decode dependency - Configure CORS with credentials for local dev Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> | |||
| 2026-02-13 | refactor: rename module/package name | nsfisis | |
| 2025-09-17 | feat(backend,frontend): implement tournament page | nsfisis | |
| 2025-08-17 | feat: update "PHPerKaigi" to "iOSDC Japan" | nsfisis | |
| 2025-03-08 | websocket to polling | nsfisis | |
| 2025-03-04 | update go package names | nsfisis | |
| 2024-08-08 | feat(backend): add `code_hash` to `submissions` table | nsfisis | |
| 2024-08-08 | feat(backend/worker): enable `revive` in `golangci-lint` | nsfisis | |
| 2024-08-08 | feat(backend/worker): enable `stylecheck` in `golangci-lint` | nsfisis | |
| 2024-08-04 | chore: remove admin APIs to communicate between app-server and api-server | nsfisis | |
| 2024-08-01 | refactor: simplify error responses in OpenAPI spec | nsfisis | |
| 2024-08-01 | refactor(backend): wrap ApiHandler with user authentication | nsfisis | |
 |
index : phperkaigi-2026-albatross | |
| phperkaigi-2026-albatross | nsfisis |
| aboutsummaryrefslogtreecommitdiffhomepage |