nanodrop

brendan/nanodrop

Fork 0

Commit Graph

Author	SHA1	Message	Date
Brendan Chen	623a3374cf	feat(auth): rename session cookie to nanodrop_session Flips SESSION_COOKIE_NAME from 'token' to 'nanodrop_session' per the family per-app naming convention (<app>_session). fastify-jwt's cookieName in server.ts is now sourced from the constant so a future rename only needs to touch constants.ts. Hard-cut migration with no dual-cookie shim: the existing 'token' cookie has no Max-Age so it dies on browser close anyway, and this is a single-user deployment per CLAUDE.md. Users re-log in once after deploy. Test files updated mechanically: cookies: { token } → cookies: { nanodrop_session: token } (variable name 'token' kept locally), clearCookie regex updated, login response now also asserts Max-Age=2592000 from the family TTL.	2026-05-09 10:12:25 -07:00
Brendan Chen	8fd1464b9d	Add server, routes, views, CLI, CSS, and integration tests - Server factory with Fastify plugins (JWT, cookie, multipart, formbody, static) - Auth middleware: requireAuth preHandler (401 for API, redirect for pages) - Auth API routes: POST /api/v1/auth/login, POST /api/v1/auth/logout - File API routes: GET/POST /api/v1/files, DELETE /api/v1/files/:id - Page routes: /, /login, /logout, /upload, /files, /files/:id/delete, /f/:id, /f/:id/raw - HTML views: layout, login, upload, file-list, file-view, not-found - CLI register-user script - public/style.css dark theme - Test helpers: createTestApp, loginAs, buildMultipart - Integration tests for auth API, file API, and page routes (51 tests passing) - Update CLAUDE.md with red/green TDD and commit instructions Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-03 15:55:14 -08:00

Author

SHA1

Message

Date

Brendan Chen

623a3374cf

feat(auth): rename session cookie to nanodrop_session

Flips SESSION_COOKIE_NAME from 'token' to 'nanodrop_session' per the
family per-app naming convention (<app>_session). fastify-jwt's
cookieName in server.ts is now sourced from the constant so a future
rename only needs to touch constants.ts.

Hard-cut migration with no dual-cookie shim: the existing 'token'
cookie has no Max-Age so it dies on browser close anyway, and this
is a single-user deployment per CLAUDE.md. Users re-log in once
after deploy.

Test files updated mechanically: cookies: { token } → cookies: {
nanodrop_session: token } (variable name 'token' kept locally),
clearCookie regex updated, login response now also asserts
Max-Age=2592000 from the family TTL.

2026-05-09 10:12:25 -07:00

Brendan Chen

8fd1464b9d

Add server, routes, views, CLI, CSS, and integration tests

- Server factory with Fastify plugins (JWT, cookie, multipart, formbody, static)
- Auth middleware: requireAuth preHandler (401 for API, redirect for pages)
- Auth API routes: POST /api/v1/auth/login, POST /api/v1/auth/logout
- File API routes: GET/POST /api/v1/files, DELETE /api/v1/files/:id
- Page routes: /, /login, /logout, /upload, /files, /files/:id/delete, /f/:id, /f/:id/raw
- HTML views: layout, login, upload, file-list, file-view, not-found
- CLI register-user script
- public/style.css dark theme
- Test helpers: createTestApp, loginAs, buildMultipart
- Integration tests for auth API, file API, and page routes (51 tests passing)
- Update CLAUDE.md with red/green TDD and commit instructions

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-03 15:55:14 -08:00

2 Commits