Skip to content

feat: Refactor authentication to use local Argon2 and JWT #27

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
onelrian wants to merge 5 commits into
base: main
Choose a base branch
from
Open

feat: Refactor authentication to use local Argon2 and JWT #27

onelrian wants to merge 5 commits into from

Conversation

@onelrian
Copy link
Owner

@onelrian onelrian commented Jan 29, 2026

Description

This PR refactors the authentication system to remove the dependency on Supabase Auth and implement a custom local authentication solution.

Changes

  • Backend:
    • Replaced Supabase Auth with custom JWT authentication.
    • Implemented Argon2 for secure password hashing.
    • Added password_hash column to users table via migration.
    • Created src/auth.rs for hashing and verification utilities.
    • Implemented /api/auth/register and /api/auth/login endpoints.
    • Updated init_admin_user to creating the default admin locally with a hashed password.
  • Configuration:
    • Removed VITE_SUPABASE_URL and SUPABASE_SERVICE_ROLE_KEY dependencies from backend config.
    • Added JWT_SECRET for token signing.

Testing

  • Verified health endpoint.
  • Verified manual user registration via API.
  • Verified manual login and JWT generation via API.

onelrian and others added 5 commits January 28, 2026 15:19
@onelrian
feat(config): implement configurable scheduling system
ccb8eee 
- Add configurable assignment_interval_days to Settings struct (1-365 days, defaults to 14)
- Create config/default.toml for centralized configuration
- Update db::should_run() to accept configurable interval parameter
- Replace hardcoded 14-day interval with configuration-driven approach
- Add comprehensive config tests with serial execution (7 tests)
- Add serial_test dev dependency to prevent env var test interference
- Fix doctests in people_config.rs

Workflow optimization:
- Remove inefficient daily cron trigger from GitHub Actions
- Default to manual workflow_dispatch for better resource efficiency
- Add APP__ASSIGNMENT_INTERVAL_DAYS environment variable support
- Document scheduling strategies (manual, external scheduler, daily cron)

Documentation:
- Update README.md with configuration guide and scheduling options
- Add cross-reference in docs/PEOPLE_DATA.md
- Document configuration precedence (env vars > files > defaults)

Test results: All 41 tests passing
- 7 lib tests + 9 main tests + 7 config tests + 16 people_config tests + 2 doctests

Backward compatible: Existing setups continue using 14 days automatically.
@onelrian
feat: complete production-ready backend and modern dashboard frontend
6226ac6
@onelrian
feat: Refactor authentication to use local Argon2 and JWT
430c671
@t-desmond
feat: Enhance authentication and logging with detailed tracing and ba…
049b4c1 
…ckground scheduling
@t-desmond
feat(config): update .env.example with host, port, and JWT secret
9a5970f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@onelrian @t-desmond