vikunja/pkg/modules/auth/openid
kolaente 78f79accb5 refactor(auth): extract transport-agnostic login, logout and OIDC cores
Pull the credential/TOTP check, session deletion, user-token issuance and
OIDC callback flow out of the v1 echo handlers and into reusable helpers so
both /api/v1 and the upcoming /api/v2 share one implementation:

- auth.IssueUserToken + auth.WriteUserAuthCookies split the token/cookie
  machinery from the echo response; NewUserAuthTokenResponse now wraps them.
- auth.SessionIDFromContext reads the sid claim for logout.
- shared.AuthenticateUserCredentials, shared.DeleteSession hold the login
  and logout cores.
- openid.AuthenticateCallback holds the OIDC exchange/getOrCreate/TOTP/team
  sync, returning the user; HandleCallback issues the token as before.

v1 behaviour is unchanged on the wire.
2026-06-17 19:43:41 +00:00
..
cron.go fix: add missing Commit() to write callers 2026-02-25 11:03:02 +01:00
main_test.go feat: move to slog for logging 2025-07-21 18:15:39 +02:00
openid.go refactor(auth): extract transport-agnostic login, logout and OIDC cores 2026-06-17 19:43:41 +00:00
openid_test.go test(auth): add failing unit tests for OIDC TOTP enforcement 2026-04-09 17:25:47 +00:00
providers.go fix(auth): tolerate string booleans in oidc provider config (#2599) 2026-04-11 19:10:26 +00:00
providers_test.go test(auth): cover env-var string booleans for oidc providers (#2599) 2026-04-11 19:10:26 +00:00