| Age | Commit message (Collapse) | Author | Lines |
|
REGISTER_TOKEN: passkey registration only
API_TOKEN: POST /api/posts authentication
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Prevents anyone who finds /auth/register from registering.
Token is set via REGISTER_TOKEN env var on the server.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
- Rewrite CSS to light/white theme
- Add delete button (auth-gated) with confirm dialog
- Add passkey register/login/logout routes via @simplewebauthn
- Gate compose form and delete behind session authentication
- Add credentials table to SQLite schema
- Add SESSION_SECRET and WebAuthn env vars to docker-compose
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
|
Markdown-based personal microblog with REST API.
XSS protection via sanitize-html on server-side markdown rendering.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|