Johan Lundberg
a65af90320
feat: require current password when changing password, add zxcvbn strength check
...
Use PasswordChange model (requires current password) for users with
existing passwords and PasswordSet for first-time setup. Add zxcvbn
strength validation and current password field to credentials template.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-31 15:34:43 +02:00
Johan Lundberg
1054feb534
fix: reorder imports and use ty-compatible type suppression
2026-02-19 14:29:01 +01:00
Johan Lundberg
f648422227
test: update all tests to include CSRF tokens
2026-02-19 14:19:47 +01:00
Johan Lundberg
80960d5a1f
Merge branch 'feature/cli-module'
2026-02-18 11:35:15 +01:00
Johan Lundberg
1c21d6d199
test: add failing test for registering pre-existing users
...
Part of CLI module work (fastapi-oidc-op-9lb.1). The test verifies that
/register/{token} handles users already created by initial-admin.
2026-02-17 14:09:00 +01:00
Johan Lundberg
cd9469342b
refactor: fix lint warnings in webauthn login tests
2026-02-17 13:46:02 +01:00
Johan Lundberg
32567b5484
feat: rewrite WebAuthn login routes for usernameless discoverable credential flow
2026-02-17 13:38:17 +01:00
Johan Lundberg
7cb1adbd06
update all imports in test files: fastapi_oidc_op → porchlight
2026-02-16 15:34:53 +01:00
Johan Lundberg
e15dcc4745
feat: add authentication routes with session login, WebAuthn, and credential management
...
Implement Phase 4 auth routes: password login/logout, WebAuthn
registration and authentication, magic link registration, and
credential management pages with HTMX. Includes session middleware,
Jinja2 templates, vendored HTMX, and last-credential guardrails.
120 tests passing.
2026-02-16 11:39:50 +01:00
