| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Register now calls POST /v1/login on the Wikimedia auth endpoint
to obtain refresh_token and access_token. Tokens are hashed (SHA-256)
before storage. If the API call fails, registration fails.
|
|
Register only saves username and plaintext password.
Token fields are left empty until set by the Wikimedia API.
|
|
Remove SHA-256 hashing for the password column.
Tokens still hashed with SHA-256 in the database.
|
|
- HTTP API with JSON over configurable port (default 8080)
- Endpoints: POST /register, POST /login, POST /refresh, GET /health
- MariaDB storage with SHA-256 hashed credentials and tokens
- Token rotation on login and refresh
- Config loaded from config.json (not tracked in git)
- Graceful shutdown on SIGINT/SIGTERM
- Connection pool (25 max open, 10 idle, 5min max lifetime)
|
