summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorLines
2026-06-19Require Bearer token auth on POST /api/postsyyamashita-0/+6
Reuses REGISTER_TOKEN so the same secret covers both passkey registration and API posting. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19Require REGISTER_TOKEN to create a passkeyyyamashita-26/+43
Prevents anyone who finds /auth/register from registering. Token is set via REGISTER_TOKEN env var on the server. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19Add white theme, post delete, and passkey authenticationyyamashita-76/+825
- Rewrite CSS to light/white theme - Add delete button (auth-gated) with confirm dialog - Add passkey register/login/logout routes via @simplewebauthn - Gate compose form and delete behind session authentication - Add credentials table to SQLite schema - Add SESSION_SECRET and WebAuthn env vars to docker-compose Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19Clear form textarea after successful post submissionyyamashita-1/+12
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19Fix Dockerfile: add build tools for better-sqlite3 on Alpineyyamashita-0/+2
better-sqlite3 requires python3, make, g++ to compile native addon on musl. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19Initial implementation of microblogyyamashita-0/+5370
Markdown-based personal microblog with REST API. XSS protection via sanitize-html on server-side markdown rendering. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19Initial commityyamashita-0/+0