| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
GET /article?username=alice&name=en.wikipedia/Sun
→ proxies to api.enterprise.wikimedia.com/v2/structured-contents/{name}
with Authorization: Bearer <access_token>
Returns 401 for unknown users, 400 if params missing,
and passes through the upstream HTTP status on errors.
|
|
Returns access_token and valid_until for a given username.
GET /token?username=foo → {"access_token": "...", "valid_until": "2026-06-26T15:00:51Z"}
|
|
Returns the stored access_token and the timestamp when it was
created (access_token_created). Returns 401 for unknown users.
|
|
- RefreshTokens checks token age and chooses the right path:
- refresh_token > 90 days: re-auth via WikimediaLogin (full login)
- access_token > 24 hours: refresh via WikimediaTokenRefresh
- otherwise: return current tokens
- WikimediaTokenRefresh posts to /v1/token-refresh endpoint
- Login also uses WikimediaLogin instead of local RotateTokens
- Removed dead RotateTokens, RefreshByToken, and randomHex
- DSN includes parseTime=true for timestamp columns
|
|
- WikimediaLogin is a standalone function: POSTs to auth.enterprise.wikimedia.com
and returns the tokens. Can be called from any flow.
- Register composes WikimediaLogin + CreateAccount
- CreateAccount now takes tokens as arguments (pure DB insert)
|
|
- INSERT and UPDATE now set both refresh_token_created and
access_token_created timestamps
- Register handler logs the actual error on failure
|
|
- HTTP API with JSON over configurable port (default 8080)
- Endpoints: POST /register, POST /login, POST /refresh, GET /health
- MariaDB storage with SHA-256 hashed credentials and tokens
- Token rotation on login and refresh
- Config loaded from config.json (not tracked in git)
- Graceful shutdown on SIGINT/SIGTERM
- Connection pool (25 max open, 10 idle, 5min max lifetime)
|
