tototomate123
75cbe97bc0
feat(collab): restore cross-account sharing and reliable realtime sync
2026-02-13 19:02:03 +01:00
tototomate123
9e248f9751
css fix
2026-02-12 20:38:05 +01:00
tototomate123
fe58cf7e89
update to excalidraw 0.18.0
2026-02-12 20:32:53 +01:00
tototomate123
6061d4ab94
fix(auth): align frontend password validation with production policy
2026-02-12 19:58:13 +01:00
tototomate123
6fe2ab3d28
fix(deploy): align /api routing, socket path, and proxy-aware auth limits
2026-02-12 19:43:49 +01:00
tototomate123
e05edff84d
fix socket in editor
2026-02-12 19:29:17 +01:00
tototomate123
08d2165a70
fix(dashboard): normalize route id params for express 5 typings
2026-02-12 19:10:41 +01:00
2cbd11cf0d
fix impersonation issues
2026-02-10 22:45:00 -08:00
1c71a08bbe
Plan OIDC integration and audit
2026-02-10 14:45:34 -08:00
bb028ef2db
fix csrf token hardset, remove cookie from localstorage
2026-02-10 13:16:04 -08:00
1117dc584e
resolve e2e
2026-02-07 19:24:00 -08:00
70103e18fb
sign CSRF with cookie, Login rate-limit key hardened against identifier-only lockout
2026-02-07 18:52:00 -08:00
fd013de325
add tests on refactor
2026-02-07 18:03:05 -08:00
6bee0e2ded
refactor index.ts
2026-02-07 17:47:41 -08:00
35bbbb9599
images in preview
2026-02-07 17:21:58 -08:00
2aa749a2f0
prevent preview updates from overwriting drawings
2026-02-07 15:51:35 -08:00
02736d663a
chore: pre-release v0.4.6-dev
2026-02-07 12:46:00 -08:00
de254d46f2
concurrency
2026-02-07 12:45:33 -08:00
dd0f381ed1
chore: pre-release v0.4.5-dev
2026-02-07 12:09:21 -08:00
c40a5f46a0
fix colliding drawing IDs
2026-02-07 12:09:02 -08:00
8fcca43b0d
chore: pre-release v0.4.4-dev
2026-02-07 11:58:09 -08:00
f20412cdfb
separate debounced autosave
2026-02-07 11:57:32 -08:00
a366acfedc
chore: pre-release v0.4.3-dev
2026-02-07 11:08:03 -08:00
154dcbb151
update resopnsiveness hamburger
2026-02-07 11:07:15 -08:00
2e74d2ad1a
chore: pre-release v0.4.2-dev
2026-02-07 10:34:36 -08:00
8161a563f0
chore: pre-release v0.4.1-dev
2026-02-07 10:08:27 -08:00
812f1cbf58
chore: pre-release v0.4.1-dev
2026-02-07 10:01:14 -08:00
06f4c0f537
remove dev dependencies from development containers
2026-02-07 09:27:39 -08:00
bbb23ca661
chore: pre-release v0.4.0-dev
2026-02-07 08:58:51 -08:00
f214e4f7b7
Ensure non multi-user flow stays
2026-02-06 23:05:23 -08:00
08135ee36a
fix test failures, new export/backup solutions
2026-02-06 22:21:19 -08:00
f462b2e288
minor UI fixes
2026-02-06 21:18:10 -08:00
01fda32bcd
test(import): add legacy import compatibility coverage
2026-02-06 14:54:02 -08:00
5e782e4044
fix: scope drawings cache by userId and add Socket.io authentication
...
Security fixes:
1. Drawings cache now includes userId in cache key to prevent data leakage
between users making identical queries.
2. Socket.io connections now require JWT authentication when auth is enabled.
3. Socket.io join-room verifies drawing ownership before allowing access.
4. Frontend passes auth token when connecting to Socket.io.
Co-authored-by: ZimengXiong <83783148+ZimengXiong@users.noreply.github.com >
2026-02-06 14:52:47 -08:00
0253ebb6b8
admin dashboard
2026-02-06 14:27:24 -08:00
1e617025df
Add admin password reset flow
2026-02-06 14:11:13 -08:00
b075a0cf9e
fix(dev): avoid auth redirect when backend/schema missing
2026-02-06 09:50:27 -08:00
7977a3eb09
feat(auth): default to single-user mode with enable toggle
2026-02-06 09:45:38 -08:00
40a645b823
chore(deps): apply dependabot updates
2026-02-06 09:22:23 -08:00
75a1f11a96
feat(auth): consolidate multi-user auth and admin controls
2026-02-06 00:25:13 -08:00
700e153740
merge: pull PR48 auth and UX into pre-release
2026-02-05 23:25:56 -08:00
fd3b97225f
merge: bring main into pre-release
2026-02-05 23:20:06 -08:00
b6d0150d44
chore: release v0.3.2
2026-02-01 16:06:19 -08:00
9fe3a2193d
chore: update tests and configuration for auth integration
...
- Update test utilities for user authentication
- Update Settings page for authenticated export
- Update docker-compose.yml if needed
- Update package-lock.json files
2026-01-24 17:12:39 +01:00
f6e337aa98
feat(frontend): add auto-hide header to Editor
...
- Add mouse-based auto-hide functionality
- Add toggle button to enable/disable auto-hide
- Prevent auto-hide during drawing name editing
- Smooth transitions with translate-y animations
- Dynamic canvas height adjustment based on header visibility
2026-01-24 17:12:31 +01:00
cbe83efe1f
feat(frontend): add select all button to Dashboard
...
- Add Select All button with CheckSquare/Square icons
- Toggle selection of all drawings in current view
- Match styling with other icon buttons
- Add tooltip for better UX
2026-01-24 17:12:27 +01:00
112d58a92a
feat(frontend): add profile page for user management
...
- Add Profile page for viewing/editing user info
- Add display name editing functionality
- Add change password functionality with validation
- Add Profile button to Sidebar navigation
- Handle authentication errors gracefully
2026-01-24 17:12:26 +01:00
b834f777b5
feat(frontend): add password reset pages
...
- Add PasswordResetRequest page for requesting reset
- Add PasswordResetConfirm page for confirming reset
- Handle feature disabled state gracefully
- Add routes to App.tsx
2026-01-24 17:12:24 +01:00
5f476542e2
feat(frontend): add login and register pages
...
- Add Login page with email/password form
- Add Register page with email validation
- Add forgot password link to login page
- Update App.tsx with auth routes and AuthProvider
- Add email validation in registration form
2026-01-24 17:12:23 +01:00
f1a1ff3a8a
feat(frontend): add authentication context and API client
...
- Add AuthContext for managing user authentication state
- Add ProtectedRoute component for route protection
- Update API client with JWT token injection
- Add refresh token rotation support
- Add CSRF token handling
2026-01-24 17:12:21 +01:00
tototomate123
Zimeng Xiong