feat(mvp): phase 3 - authentication system
Implement local auth flow: login, registration, logout, JWT access/refresh tokens in HTTP-only cookies, hooks.server.ts middleware, guest mode support, Superforms + Zod validation, and reusable auth/authorize middleware.
@@ -2,7 +2,7 @@
|
||||
|
||||
## Current State
|
||||
|
||||
Phase 2 (Database Schema & Services Layer) is complete. The Prisma schema defines 10 models (User, Group, UserGroup, App, AppStatus, Board, Section, Widget, Permission, SystemSettings). Initial migration has been applied and the SQLite database created at `data/launcher.db`. Seed data includes an admin user, default groups, 5 sample apps, and a default board with 2 sections. Six server-side services provide full CRUD operations. Zod validators, TypeScript type definitions, shared constants, and an API response envelope utility are all in place. Build does not pass yet (Big Bang strategy — expected).
|
||||
Phase 3 (Authentication System) is complete. The full local authentication flow is implemented: login, registration, logout, and JWT token refresh. `hooks.server.ts` validates access tokens on every request, injects `event.locals.user`/`session`, and silently rotates expired tokens via refresh tokens. Protected routes redirect to `/login`; guest-accessible board routes are exempt. Login and registration pages use Superforms + Zod with inline validation errors. Registration respects the `SystemSettings.registrationEnabled` toggle. Reusable middleware helpers (`requireAuth`, `requireAdmin`, `requireRole`) are available for downstream phases. The root layout injects user session into all page data. The root page redirects to the default board or login. `jwt.ts` and `password.ts` are thin re-exports from `authService` (no duplication). Build does not pass yet (Big Bang strategy — expected).
|
||||
|
||||
## Temporary Workarounds
|
||||
|
||||
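Review bot: The new Phase 3 paragraph says `hooks.server.ts` "silently rotates expired tokens via refresh tokens" but never states whether a used refresh token is invalidated on rotation or at logout, and it omits the HTTP-only cookie storage that the commit message names. Suggest adding one sentence on refresh-token lifetime and revocation, and one on how the "guest-accessible board routes" are identified (for example an explicit allowlist with everything else denied), because "Build does not pass yet" means a reader cannot confirm any of this by running the code.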
@@ -13,7 +13,7 @@ Phase 2 (Database Schema & Services Layer) is complete. The Prisma schema define
|
||||
## Cross-Phase Dependencies
|
||||
|
||||
- Phase 2 depends on Phase 1 (project scaffolding, Prisma setup)
|
||||
- Phase 3 depends on Phase 2 (user/group models, auth service)
|
||||
- Phase 3 depends on Phase 2 (user/group models, auth service) ✅
|
||||
- Phase 4 depends on Phase 2 (app model, services layer)
|
||||
- Phase 5 depends on Phase 2 (board/section/widget models) and Phase 4 (app widget references apps)
|
||||
- Phase 6 depends on Phases 3-5 (admin needs auth, app, board entities)
|
||||
|
||||
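Review bot: The ✅ is added only to the "Phase 3 depends on Phase 2" line, while the "Phase 2 depends on Phase 1" line above it stays unmarked even though Current State describes Phase 2 as complete. It is also ambiguous whether the mark means the dependency is satisfied or Phase 3 itself is finished; suggest marking completed entries consistently and adding a one-line legend under the "Cross-Phase Dependencies" heading.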