simonfranken/timetracker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
111 Commits 4 Branches 1 Tag
ca521000bf03bac7c3089764cf573d5c32749217
Commit Graph

5 Commits

Author SHA1 Message Date
simon.franken
64211e6a49 feat: add MCP endpoint and API key management 
- Add ApiKey Prisma model (SHA-256 hash, prefix, lastUsedAt) with migration
- Implement ApiKeyService (create, list, delete, verify)
- Extend requireAuth middleware to accept sk_-prefixed API keys alongside JWTs
- Add GET/POST /api-keys routes for creating and revoking keys
- Add stateless Streamable HTTP MCP server at POST/GET /mcp exposing all 20
  time-tracking tools (clients, projects, time entries, timer, statistics,
  client targets and corrections)
- Frontend: ApiKey types, apiKeys API module, useApiKeys hook
- Frontend: ApiKeysPage with key table, one-time raw-key reveal modal, and
  inline revoke confirmation
- Wire /api-keys route and add API Keys link to Management dropdown in Navbar
 2026-03-16 15:26:09 +01:00
simon.franken
078dc8c304 Add Prisma session store for persistent sessions 2026-02-23 11:39:09 +01:00
Simon Franken
946cd35832 Replace IDP token passthrough with backend-issued JWT for iOS auth 
iOS clients now exchange the OIDC authorization code for a backend-signed
HS256 JWT via POST /auth/token. All subsequent API requests authenticate
using this JWT as a Bearer token, verified locally — no per-request IDP
call is needed. Web frontend session-cookie auth is unchanged.
 2026-02-19 18:45:03 +01:00
simon.franken
d3b8df3deb fix 2026-02-16 11:01:07 +01:00
simon.franken
7d678c1c4d creates application 2026-02-16 10:15:27 +01:00