mirror of
https://github.com/btouchard/ackify.git
synced 2026-02-11 08:19:22 -06:00
68426bc882
- Implement PKCE (Proof Key for Code Exchange) with S256 method - Add crypto/pkce module with code verifier and challenge generation - Modify OAuth flow to include code_challenge in authorization requests - Update HandleCallback to validate code_verifier during token exchange - Extend session lifetime from 7 to 30 days - Add comprehensive unit tests for PKCE functions - Maintain backward compatibility with fallback for non-PKCE sessions - Add detailed logging for OAuth flow with PKCE tracking PKCE enhances security by preventing authorization code interception attacks, as recommended by OAuth 2.1 and OIDC standards. feat: add encrypted refresh token storage with automatic cleanup - Add oauth_sessions table for storing encrypted refresh tokens - Implement AES-256-GCM encryption for refresh tokens using cookie secret - Create OAuth session repository with full CRUD operations - Add SessionWorker for automatic cleanup of expired sessions - Configure cleanup to run every 24h for sessions older than 37 days - Modify OAuth flow to store refresh tokens after successful authentication - Track client IP and user agent for session security validation - Link OAuth sessions to user sessions via session ID - Add comprehensive encryption tests with security validations - Integrate SessionWorker into server lifecycle with graceful shutdown This enables persistent OAuth sessions with secure token storage, reducing the need for frequent re-authentication from 7 to 30 days.
1.7 KiB
1.7 KiB
Ackify Documentation (English)
Complete documentation for Ackify - Proof of Read with cryptographic signatures.
Quick Start
- Getting Started - Installation and first steps with Docker Compose
- Configuration - Environment variables and settings
Features
- Cryptographic Signatures - Ed25519 signature flow
- Expected Signers - Tracking and email reminders
- Checksums - Document integrity verification
- Embedding - oEmbed, iframes, third-party integrations
- Internationalization - Multi-language support (fr, en, es, de, it)
Advanced Configuration
- OAuth Providers - Google, GitHub, GitLab, Custom
- Email Setup - SMTP configuration for reminders
Architecture & Development
- Architecture - Tech stack, project structure, Clean Architecture principles
- Database - PostgreSQL schema, migrations, constraints
- API Reference - REST endpoints, examples, OpenAPI
- Deployment - Production, security, monitoring
- Development - Dev setup, tests, contributing
Integrations
- Google Docs - Google Workspace integration
- More integrations coming...
Support
- GitHub Issues - Bugs and feature requests
- GitHub Discussions - Questions and discussions