Tim Farrell
|
08e8e922fd
Endpoint role-checking was redundantly applied but FastAPI provides a nice abstraction mechanic...so I applied it. There should be no logical changes in this code; only simpler, cleaner ways for doing the same thing.
|
1 year ago |
Tim Farrell
|
4fceb404bd
Call `jwt.decode` with the expected algorithms
|
1 year ago |
Tim Farrell
|
e15dbdc46a
Pass the instance we're using.
|
1 year ago |
Tim Farrell
|
8c37edd027
Even though "User.email" is enforced as unique at signup, it is not a unique field in the database. Let's use "User.id" instead. This also makes it more difficult to do a session stealing attack.
|
1 year ago |
Tim Farrell
|
2c1dacb9b6
We should verify signatures to make the whole session secret meaningful.
|
1 year ago |
Tim Farrell
|
d67f3d982b
Start by renaming variables to something more generic. This will give us a bit more flexibility as we look to other session management mechanisms.
|
1 year ago |
Timothy J. Baek
|
5e6d946f83
chore: disable passlib log
|
1 year ago |
ThatOneCalculator
|
07cc7f15d5
chore: :rotating_light: lint and format
|
1 year ago |
Anuraag Jain
|
77323d9b25
refac: remove the verify_token and use get-current user for auth+user
|
1 year ago |
Anuraag Jain
|
bdd153d8f5
refac: use dependencies to verify token
|
1 year ago |
Anuraag Jain
|
a01b112f7f
feat(auth): add auth middleware
|
1 year ago |
Timothy J. Baek
|
83ff1d77ea
feat: set first user to admin by default
|
1 year ago |
Timothy J. Baek
|
8547b7807d
feat: basic RBAC support
|
1 year ago |