03bf9f2a4d
🧪 test(auth): OIDC handler unit tests (ADR-0028 Phase B.4 follow-up)
...
This adds the missing unit tests for OIDC HTTP handlers that were deferred
from PR #75 . Tests cover unknown provider rejection, missing/unknown state
rejection, and PKCE redirect validation.
Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai >
2026-05-05 22:31:28 +02:00
d19fed6610
✨ feat(auth): OIDC HTTP handlers /start + /callback (ADR-0028 Phase B.4) ( #75 )
...
CI/CD Pipeline / Build Docker Cache (push) Successful in 9s
CI/CD Pipeline / Trigger Docker Push (push) Has been cancelled
CI/CD Pipeline / CI Pipeline (push) Has been cancelled
Co-authored-by: Gabriel Radureau <arcodange@gmail.com >
Co-committed-by: Gabriel Radureau <arcodange@gmail.com >
2026-05-05 22:29:34 +02:00
9072b3e246
✨ feat(bdd): magic-link BDD scenarios + bcrypt overflow fix (ADR-0028 Phase A.5) ( #63 )
...
CI/CD Pipeline / Build Docker Cache (push) Successful in 9s
CI/CD Pipeline / CI Pipeline (push) Successful in 5m0s
CI/CD Pipeline / Trigger Docker Push (push) Successful in 5s
Co-authored-by: Gabriel Radureau <arcodange@gmail.com >
Co-committed-by: Gabriel Radureau <arcodange@gmail.com >
2026-05-05 11:44:41 +02:00
f39acf5de5
✨ feat(auth): magic-link request + consume HTTP handlers (ADR-0028 Phase A.4) ( #62 )
...
CI/CD Pipeline / Build Docker Cache (push) Successful in 8s
CI/CD Pipeline / CI Pipeline (push) Successful in 4m56s
CI/CD Pipeline / Trigger Docker Push (push) Successful in 6s
Co-authored-by: Gabriel Radureau <arcodange@gmail.com >
Co-committed-by: Gabriel Radureau <arcodange@gmail.com >
2026-05-05 11:32:12 +02:00
f71495b6fc
✨ feat(admin): GET /api/v1/admin/jwt/secrets — metadata-only introspection ( #51 )
...
CI/CD Pipeline / Build Docker Cache (push) Successful in 57s
CI/CD Pipeline / Trigger Docker Push (push) Has been cancelled
CI/CD Pipeline / CI Pipeline (push) Has been cancelled
Co-authored-by: Gabriel Radureau <arcodange@gmail.com >
Co-committed-by: Gabriel Radureau <arcodange@gmail.com >
2026-05-05 09:51:54 +02:00
5eec64e5e8
🧪 test: add JWT secret rotation BDD scenarios and step implementations ( #12 )
...
CI/CD Pipeline / Build Docker Cache (push) Successful in 9s
CI/CD Pipeline / CI Pipeline (push) Successful in 4m15s
CI/CD Pipeline / Trigger Docker Push (push) Has been skipped
✨ merge: implement JWT secret rotation with BDD scenario isolation
- Implement JWT secret rotation mechanism (closes #8 )
- Add per-scenario state isolation for BDD tests (closes #14 )
- Validate password reset workflow via BDD tests (closes #7 )
- Fix port conflicts in test validation
- Add state tracer for debugging test execution
- Document BDD isolation strategies in ADR 0025
- Fix PostgreSQL configuration environment variables
Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai >
Co-authored-by: Gabriel Radureau <arcodange@gmail.com >
Co-committed-by: Gabriel Radureau <arcodange@gmail.com >
2026-04-11 17:56:45 +02:00
52a4ce4139
✨ feat: implement user authentication system with JWT and PostgreSQL
...
Added comprehensive user management system:
- User registration with validation (3-50 char username, 6+ char password)
- JWT-based authentication with bcrypt password hashing
- Admin authentication with master password
- Password reset workflow with admin flagging
- PostgreSQL repository implementation
- SQLite repository for testing
- Unified authentication service interface
API Endpoints:
- POST /api/v1/auth/register - User registration
- POST /api/v1/auth/login - User/admin authentication
- POST /api/v1/auth/password-reset/request - Request password reset
- POST /api/v1/auth/password-reset/complete - Complete password reset
- POST /api/v1/auth/validate - JWT token validation
Security Features:
- Password hashing with bcrypt
- JWT token generation and validation
- Admin claims in JWT tokens
- Configurable token expiration
- Input validation for all endpoints
Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai >
2026-04-09 00:25:43 +02:00
