| Age | Commit message (Collapse) | Author | Lines |
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
React Router v7 treats POST to routes with a default export as document
requests and returns HTML instead of the action's JSON response. Moving
the API logic to an action-only route (/api/passkey) fixes this.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
- Remove extensions.credProps (WebAuthn L2, causes TypeError on older iOS)
- Remove alg:-8 (Ed25519, not universally supported)
- Show error name in UI for easier debugging
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
hints is a WebAuthn L3 field that older iOS Safari cannot process,
causing "String does not match expected pattern" TypeError.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
REGISTER_TOKEN: passkey registration only
API_TOKEN: POST /api/posts authentication
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Reuses REGISTER_TOKEN so the same secret covers both
passkey registration and API posting.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Prevents anyone who finds /auth/register from registering.
Token is set via REGISTER_TOKEN env var on the server.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
- Rewrite CSS to light/white theme
- Add delete button (auth-gated) with confirm dialog
- Add passkey register/login/logout routes via @simplewebauthn
- Gate compose form and delete behind session authentication
- Add credentials table to SQLite schema
- Add SESSION_SECRET and WebAuthn env vars to docker-compose
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
better-sqlite3 requires python3, make, g++ to compile native addon on musl.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Markdown-based personal microblog with REST API.
XSS protection via sanitize-html on server-side markdown rendering.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
|