a89e936f4d
Implement AI
2026-06-25 11:11:26 -07:00
9405914d88
Register notification services and add SMTP/Line config sections
...
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-06-23 19:21:47 -07:00
62592c29ae
Add audit logs.
ci-cd-vm / ci-cd (push) Successful in 4m2s
2026-06-23 12:13:47 -07:00
e7bf07c2ad
feat(storage): add IFileStorage + local-disk implementation
...
Adds IFileStorage abstraction and LocalDiskFileStorage for receipt file storage with path-traversal protection, and registers it in DI. Includes 3 TDD-verified xUnit tests.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-29 18:18:28 -07:00
60405ef0aa
WIP
2026-05-27 07:49:26 -07:00
8b86bd573e
Tasks 7-9: AuthController, appsettings, Program.cs
...
Task 7 – AuthController (POST /api/auth/login|refresh|logout)
- Refresh token in HttpOnly; Secure; SameSite=Strict cookie (rolac_rt)
- Cookie Path scoped to /api/auth; cleared on logout/invalid refresh
Task 8 – appsettings.json (non-secret JWT values + CORS origins)
- appsettings.Development.json carries connection string + JWT secret
(file is gitignored)
Task 9 – Program.cs wiring
- EF Core + Npgsql, ASP.NET Core Identity, JWT Bearer auth
- RoleClaimType=role matches the short JWT claim name written by TokenService
- CORS: AllowCredentials for Angular app
- Swagger UI with Bearer security definition
- Startup: MigrateAsync + DbSeeder.SeedAsync (roles + dev admin)
- DbSeeder: added SeedAsync(IServiceProvider) entry point
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-05-26 17:40:52 -07:00
4da8806bfc
Init API
2026-05-25 17:38:23 -07:00
Chris Chen