|
|
56770955d4
|
test: make type assertions stricter and replaced silent returns with explicit errors
|
2026-01-09 18:44:18 +01:00 |
|
|
|
34fbc2f8b1
|
test: ensure refresh token rotation is documented
|
2026-01-09 18:43:25 +01:00 |
|
|
|
05e69c7f36
|
test: extend requiredPaths and authEndpoints to include new auth endpoints
|
2026-01-09 18:42:27 +01:00 |
|
|
|
9ff7c98cf0
|
refactor: create helper to fetch/parse swagger doc
|
2026-01-09 18:41:14 +01:00 |
|
|
|
893ee154de
|
refactor: replace interface{} by any
|
2026-01-09 18:39:49 +01:00 |
|
|
|
dfee90504a
|
docs: update refresh token rotation description and examples
|
2026-01-08 06:29:12 +01:00 |
|
|
|
bc0c9e5fea
|
docs: update refresh token examples for Swagger
|
2026-01-08 06:28:59 +01:00 |
|
|
|
35ef42eb93
|
docs: document refresh token rotation and update examples
|
2026-01-08 06:28:48 +01:00 |
|
|
|
9ceaf35fd9
|
docs: note refresh token rotation and auth refresh/revoke endpoints
|
2026-01-08 06:28:29 +01:00 |
|
|
|
395cc299f3
|
test: validate rotated refresh token and old-token failure
|
2026-01-08 06:17:21 +01:00 |
|
|
|
058c69b414
|
test: enforce refresh token rotation and old-token rejection
|
2026-01-08 06:17:15 +01:00 |
|
|
|
d744aa8393
|
test: assert refresh token rotation in E2E flow
|
2026-01-08 06:16:52 +01:00 |
|
|
|
44e2f97cb7
|
test: assert refresh token rotation and old-token invalidation
|
2026-01-08 06:16:44 +01:00 |
|
|
|
4888916613
|
test: cover refresh rotation and invalid/expired/locked cases
|
2026-01-08 06:16:30 +01:00 |
|
|
|
3ca2334932
|
feat: return rotated refresh token on refresh
|
2026-01-08 06:16:01 +01:00 |
|
|
|
02d0c3f946
|
feat: rotate refresh tokens with shared validation helper
|
2026-01-08 06:15:53 +01:00 |
|
|
|
1b55c9543e
|
fix: simplify else-if branches
|
2026-01-07 17:16:02 +01:00 |
|
|
|
73930dabd8
|
feat: use a map for O(1) lookup instead of a linear search
|
2026-01-07 15:20:03 +01:00 |
|
|
|
19aadc6fc8
|
fix: prevent integer overflow in uint validation
|
2026-01-07 15:10:51 +01:00 |
|
|
|
8bdff51eed
|
fix: no need to disable check "hugeParam": it's already disabled
|
2026-01-07 14:54:05 +01:00 |
|
|
|
ac2dfdde70
|
refactor: use math/rand only for seed command initialization
|
2026-01-07 11:43:55 +01:00 |
|
|
|
c3d0d16e44
|
refactor: use math/rand only for parallel processor seeding
|
2026-01-07 11:43:47 +01:00 |
|
|
|
75a33994db
|
fix: use CommandContext in deployment test
|
2026-01-07 09:54:46 +01:00 |
|
|
|
365c9a8482
|
chore: disable some checks for clarity
|
2026-01-07 09:46:20 +01:00 |
|
|
|
87cc0ff68c
|
feat: expand CleanupTestData to clear refresh tokens
|
2026-01-07 09:31:51 +01:00 |
|
|
|
6eb6b2c4e2
|
refactor: use testutils helpers and gorm for user/post setup
|
2026-01-07 09:31:30 +01:00 |
|
|
|
c7fb1461ab
|
clean: remove unused duplicate functions that are already implemented/used in repositories/fixtures.go
|
2025-12-28 08:21:58 +01:00 |
|
|
|
8cb02413aa
|
refactor: replace createTestUserWithAuth with consolidated helper
|
2025-12-27 17:43:31 +01:00 |
|
|
|
3e9246c975
|
refactor: make createAuthenticatedUser accept interface and add user-only variant
|
2025-12-27 17:43:19 +01:00 |
|
|
|
c04602d8d9
|
refactor: use testutils helper for account deletion request creation
|
2025-12-27 17:33:04 +01:00 |
|
|
|
e5c72591e6
|
feat: add repo-backed entity factories
|
2025-12-27 17:32:01 +01:00 |
|
|
|
c29ccecc15
|
refactor: variables name and use strings.Cut()
|
2025-12-27 08:44:29 +01:00 |
|
|
|
726cf6ca68
|
chore: update golangci config to v2 schema
|
2025-12-27 08:37:08 +01:00 |
|
|
|
de1e3f2190
|
fix: reject 5xx errors in TestQueryParameters to catch regressions
|
2025-12-26 18:49:32 +01:00 |
|
|
|
310875368d
|
fix: make TestStaticFileRoute validate static handler correctly
|
2025-12-26 18:48:44 +01:00 |
|
|
|
ffba8f6257
|
clean: remove duplicate
|
2025-12-26 17:54:04 +01:00 |
|
|
|
24bed6fc6c
|
docs: update readme
|
2025-12-26 17:53:21 +01:00 |
|
|
|
20f14d0863
|
refactor: use middleware.IsHTTPS instead of local function
|
2025-12-26 17:41:16 +01:00 |
|
|
|
d0914eb5dc
|
test: update IsHTTPS test to use middleware.IsHTTPS
|
2025-12-26 17:41:04 +01:00 |
|
|
|
ab3efc99a8
|
refactor: remove duplicate IsHTTPS, use middleware.IsHTTPS
|
2025-12-26 17:40:47 +01:00 |
|
|
|
9017816812
|
refactor: export IsHTTPS function for shared use
|
2025-12-26 17:40:31 +01:00 |
|
|
|
7b9250802e
|
test: verify login works with legacy passwords
|
2025-12-26 17:36:13 +01:00 |
|
|
|
3f4cad5488
|
fix: remove password complexity validation from login
|
2025-12-26 17:35:59 +01:00 |
|
|
|
027df4f60c
|
test: add security header preservation tests for cache
|
2025-12-26 17:33:25 +01:00 |
|
|
|
77886ddef5
|
fix: preserve security headers on cache hits
|
2025-12-26 17:33:12 +01:00 |
|
|
|
5477bbf0a7
|
test: add integration test for CSRF cookie-only bypass
|
2025-12-26 17:29:51 +01:00 |
|
|
|
fc23cbd6fd
|
test: verify CSRF rejects requests with only cookie token
|
2025-12-26 17:28:58 +01:00 |
|
|
|
0802b9dd9d
|
fix: GetCSRFToken() shouldn't fall back to the cookie
|
2025-12-26 17:28:10 +01:00 |
|
|
|
566890f48f
|
fix: suitable LOG and PID dir for docker env
|
2025-12-25 18:52:34 +01:00 |
|
|
|
f4bfb829e6
|
fix: add missing parameter
|
2025-12-25 18:49:51 +01:00 |
|
