summaryrefslogtreecommitdiff
path: root/docker-compose.yml
AgeCommit message (Collapse)AuthorLines
2026-06-19Separate API_TOKEN from REGISTER_TOKENyyamashita-0/+1
REGISTER_TOKEN: passkey registration only API_TOKEN: POST /api/posts authentication Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19Require REGISTER_TOKEN to create a passkeyyyamashita-0/+1
Prevents anyone who finds /auth/register from registering. Token is set via REGISTER_TOKEN env var on the server. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19Add white theme, post delete, and passkey authenticationyyamashita-0/+3
- Rewrite CSS to light/white theme - Add delete button (auth-gated) with confirm dialog - Add passkey register/login/logout routes via @simplewebauthn - Gate compose form and delete behind session authentication - Add credentials table to SQLite schema - Add SESSION_SECRET and WebAuthn env vars to docker-compose Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19Initial implementation of microblogyyamashita-0/+21
Markdown-based personal microblog with REST API. XSS protection via sanitize-html on server-side markdown rendering. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>