Commit Graph

3 Commits

Author SHA1 Message Date
cottongin
9f60c6983d feat: auth route uses named admin lookup, embeds name in JWT
- Login/verify use findAdminByKey; JWT and response include admin name
- Verify returns 403 when token lacks name (legacy tokens)
- Test tokens include name for getAuthToken()
- Set Content-Type on supertest JSON bodies (superagent/mime resolution)

Made-with: Cursor
2026-03-23 09:38:35 -04:00
cottongin
974f0e4a67 Harden secret handling: remove weak fallback defaults, fail fast on missing env vars
JWT_SECRET and ADMIN_KEY no longer fall back to insecure defaults.
The app will throw at startup if these env vars are not set.
docker-compose.yml now uses :? syntax to require them.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-07 14:07:09 -05:00
cottongin
2db707961c initial commit
2025-10-30 04:27:43 -04:00