Simpl-Resultat

maximus/Simpl-Resultat

Fork 0

Commit graph

Author	SHA1	Message	Date
le king fu	60b995394e	fix: tighten CSP img-src, show initials instead of external avatar Some checks are pending PR Check / rust (push) Waiting to run Details PR Check / frontend (push) Waiting to run Details PR Check / rust (pull_request) Successful in 17m9s Details PR Check / frontend (pull_request) Successful in 2m15s Details Privacy-first: remove 'https:' from img-src CSP directive to prevent IP leaks via external avatar URLs (Google/Gravatar). AccountCard now shows user initials instead of loading a remote image. Also remove .keys-temp/ from .gitignore (not relevant to this PR). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-10 15:24:52 -04:00
le king fu	b53a902f11	feat: Maximus Account OAuth2 PKCE + machine activation + subscription check (#51 , #53 ) All checks were successful PR Check / rust (push) Successful in 16m34s Details PR Check / frontend (push) Successful in 2m14s Details PR Check / rust (pull_request) Successful in 16m31s Details PR Check / frontend (pull_request) Successful in 2m13s Details - Add auth_commands.rs: OAuth2 PKCE flow (start_oauth, handle_auth_callback, refresh_auth_token, get_account_info, check_subscription_status, logout) - Add deep-link handler in lib.rs for simpl-resultat://auth/callback - Add AccountCard.tsx + useAuth hook + authService.ts - Add machine activation commands (activate, deactivate, list, get_activation_status) - Extend LicenseCard with machine management UI - get_edition() now checks account subscription for Premium detection - Daily subscription status check (refresh token if last check > 24h) - Configure CSP for API/auth endpoints - Configure tauri-plugin-deep-link for desktop - Update i18n (FR/EN), changelogs, and architecture docs Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-10 14:18:51 -04:00

Author

SHA1

Message

Date

le king fu

60b995394e

fix: tighten CSP img-src, show initials instead of external avatar

PR Check / rust (push) Waiting to run

Details

PR Check / frontend (push) Waiting to run

Details

PR Check / rust (pull_request) Successful in 17m9s

Details

PR Check / frontend (pull_request) Successful in 2m15s

Details

Privacy-first: remove 'https:' from img-src CSP directive to prevent
IP leaks via external avatar URLs (Google/Gravatar). AccountCard now
shows user initials instead of loading a remote image.

Also remove .keys-temp/ from .gitignore (not relevant to this PR).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-10 15:24:52 -04:00

le king fu

b53a902f11

feat: Maximus Account OAuth2 PKCE + machine activation + subscription check (#51 , #53 )

PR Check / rust (push) Successful in 16m34s

Details

PR Check / frontend (push) Successful in 2m14s

Details

PR Check / rust (pull_request) Successful in 16m31s

Details

PR Check / frontend (pull_request) Successful in 2m13s

Details

- Add auth_commands.rs: OAuth2 PKCE flow (start_oauth, handle_auth_callback,
  refresh_auth_token, get_account_info, check_subscription_status, logout)
- Add deep-link handler in lib.rs for simpl-resultat://auth/callback
- Add AccountCard.tsx + useAuth hook + authService.ts
- Add machine activation commands (activate, deactivate, list, get_activation_status)
- Extend LicenseCard with machine management UI
- get_edition() now checks account subscription for Premium detection
- Daily subscription status check (refresh token if last check > 24h)
- Configure CSP for API/auth endpoints
- Configure tauri-plugin-deep-link for desktop
- Update i18n (FR/EN), changelogs, and architecture docs

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-10 14:18:51 -04:00

2 commits