jennie/ghostguild-org
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
257 commits 9 branches 0 tags 28 MiB
Find a file
Jennie Robinson Faber 39eb9e039a
Some checks failed
Test / vitest (push) Failing after 6m9s
Details
Test / playwright (push) Has been skipped
Details
Test / visual (push) Has been skipped
Details
Test / Notify on failure (push) Successful in 2s
Details
fix(auth): auto-submit OIDC logout form to eliminate xsrf desync 
Users clicking sign-out in the wiki were getting 'xsrf token invalid'.
The old logoutSource extracted the xsrf from oidc-provider's form into
a separate short-lived cookie and bounced through /auth/logout-confirm,
but that dance kept desyncing — the xsrf on the eventual submit didn't
always match the session state on /oidc/session/end/confirm.

Drop the custom confirmation page and auto-submit oidc-provider's own
form inline from logoutSource. The xsrf stays inside the original form
HTML the provider generated, so the validation is guaranteed to match.
Clicking sign-out in the wiki is already confirmation enough.

Also clear the Ghost Guild auth-token cookie in postLogoutSuccessSource
so signing out of the wiki fully signs the user out rather than leaving
a stale ghostguild.org session behind.
2026-04-15 18:26:51 +01:00
.claude Readying for design 2026-03-04 18:24:20 +00:00
.forgejo/workflows Huge bunch of UI/UX improvements and tweaks! 2026-04-06 16:17:12 +01:00
.husky feat: add testing infrastructure — Vitest, Playwright, CI, git hooks 2026-04-04 16:07:21 +01:00
.serena fix: use private helcimApiToken for all server-side Helcim API calls 2026-04-04 13:37:34 +01:00
app fix(auth): stop wiki login loop to coming-soon and surface non-member state 2026-04-15 17:55:55 +01:00
assets/css Redesign interface across member dashboard and events pages 2025-10-09 16:25:57 +01:00
docs spec: board classifieds redesign 2026-04-14 15:09:40 +01:00
e2e test(board): unit + e2e tests for board posts and channels 2026-04-14 17:36:12 +01:00
plugins Enhance application structure: Add runtime configuration for environment variables, integrate new dependencies for Cloudinary and UI components, and refactor member management features including improved forms and member dashboard. Update styles and layout for better user experience. 2025-08-27 16:49:51 +01:00
public feat: cleanup deprecated components and background texture 2026-04-02 21:38:50 +01:00
scripts chore(board): remove old board tests, update seed + onboarding tests 2026-04-14 17:31:46 +01:00
server fix(auth): auto-submit OIDC logout form to eliminate xsrf desync 2026-04-15 18:26:51 +01:00
tests Updates 2026-04-15 17:45:09 +01:00
.cursorignore Updates! 2026-03-31 18:18:24 +01:00
.cursorindexingignore Updates! 2026-03-31 18:18:24 +01:00
.dockerignore feat: add .dockerignore and document BASE_URL in .env.example 2026-04-04 12:41:00 +01:00
.env.example feat(board): redesign classifieds + Slack channel creation 2026-04-14 20:20:17 +01:00
.gitignore chore(gitignore): ignore .claude directory 2026-04-15 12:47:47 +01:00
debug-token.js Implement multi-step registration process: Add step indicators, error handling, and payment processing for membership registration. Enhance form validation and user feedback with success and error messages. Refactor state management for improved clarity and maintainability. 2025-09-03 14:47:13 +01:00
Dockerfile fix: multi-stage Dockerfile and guard husky for Docker builds 2026-04-04 16:44:55 +01:00
eslint.config.mjs Initial commit 2025-08-26 14:17:16 +01:00
nuxt.config.ts feat(member): account/profile polish + tier upgrade flow 2026-04-14 20:35:37 +01:00
package-lock.json merge: worktree-a11y-fixes into main 2026-04-05 22:05:00 +01:00
package.json merge: worktree-a11y-fixes into main 2026-04-05 22:05:00 +01:00
playwright.config.js test(visual): allow playwright port override and rebaseline connections-mobile 2026-04-08 16:03:48 +01:00
slack-app-manifest.yaml Adding features 2025-10-05 16:15:09 +01:00
test-helcim-direct.js Implement multi-step registration process: Add step indicators, error handling, and payment processing for membership registration. Enhance form validation and user feedback with success and error messages. Refactor state management for improved clarity and maintainability. 2025-09-03 14:47:13 +01:00
TESTING.md feat: add testing infrastructure — Vitest, Playwright, CI, git hooks 2026-04-04 16:07:21 +01:00
tsconfig.json Initial commit 2025-08-26 14:17:16 +01:00
vitest.config.js Add Vitest security test suite and update security evaluation doc 2026-03-01 12:30:06 +00:00