Simon Franken
946cd35832
iOS clients now exchange the OIDC authorization code for a backend-signed HS256 JWT via POST /auth/token. All subsequent API requests authenticate using this JWT as a Bearer token, verified locally — no per-request IDP call is needed. Web frontend session-cookie auth is unchanged.
33 lines
806 B
JSON
33 lines
806 B
JSON
{
|
|
"name": "timetracker-backend",
|
|
"version": "1.0.0",
|
|
"scripts": {
|
|
"dev": "tsx watch src/index.ts",
|
|
"build": "tsc",
|
|
"start": "node dist/index.js",
|
|
"db:migrate": "prisma migrate dev",
|
|
"db:generate": "prisma generate",
|
|
"db:seed": "tsx prisma/seed.ts"
|
|
},
|
|
"dependencies": {
|
|
"@prisma/client": "^6.19.2",
|
|
"cors": "^2.8.5",
|
|
"dotenv": "^17.3.1",
|
|
"express": "^4.18.2",
|
|
"express-session": "^1.17.3",
|
|
"jsonwebtoken": "^9.0.3",
|
|
"openid-client": "^5.6.1",
|
|
"zod": "^3.22.4"
|
|
},
|
|
"devDependencies": {
|
|
"@types/cors": "^2.8.17",
|
|
"@types/express": "^4.17.21",
|
|
"@types/express-session": "^1.17.10",
|
|
"@types/jsonwebtoken": "^9.0.10",
|
|
"@types/node": "^25.2.3",
|
|
"prisma": "^6.19.2",
|
|
"tsx": "^4.7.0",
|
|
"typescript": "^5.3.3"
|
|
}
|
|
}
|