alexei.dolgolyov/web-app-launcher
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
54 Commits 3 Branches 1 Tag
5af670fa3c640ff42c2a68d6661bd1364d91c34d
Commit Graph

3 Commits

Author SHA1 Message Date
alexei.dolgolyov 215c8fdd46 fix: enforce API token scope on requests 
- Add apiTokenScope to App.Locals type definition
- Store token scope in event.locals during API token auth
- Block write operations (POST/PATCH/PUT/DELETE) for read-scoped tokens
- Block admin paths for non-admin-scoped tokens
- Returns 403 with descriptive error message
 2026-03-25 14:32:48 +03:00
alexei.dolgolyov f1b1aa5975 feat(mvp): phase 2 - database schema & services layer 
Define full Prisma schema (10 models), run initial migration, build core
services (auth, user, group, app, board, permission), Zod validators,
type definitions, API response envelope, constants, and seed script.
 2026-03-24 20:00:21 +03:00
alexei.dolgolyov cf6bde238c feat(mvp): phase 1 - project scaffolding & tooling 
Initialize SvelteKit project with Svelte 5, TypeScript strict, Tailwind CSS v4,
shadcn-svelte, Prisma + SQLite, Vitest, ESLint, Prettier. Add Docker multi-stage
build, docker-compose, and Gitea Actions CI pipeline.
 2026-03-24 19:53:06 +03:00