vikunja/pkg/user
kolaente e90cb2631d fix(auth): remove unnecessary fields from JWT token payloads
Remove email, name, emailRemindersEnabled, and isLocalUser from user JWT
claims, and isLocalUser from link share JWT claims. These fields are never
used from the token - the backend always fetches the full user from the
database by ID, and the frontend fetches user data from the /user API
endpoint immediately after login.

Also simplify GetUserFromClaims to only extract id and username, and
remove the now-unnecessary email override in the frontend's
refreshUserInfo.
2026-02-08 21:30:07 +01:00
..
caldav_token.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
db.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
delete.go refactor: schedule user deletion 2025-08-01 17:06:02 +02:00
error.go fix: 403 http error code on failed login (#1756) 2025-11-06 08:40:46 +01:00
events.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
listeners.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
main_test.go feat: move to slog for logging 2025-07-21 18:15:39 +02:00
notifications.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
test.go fix(user): persist status on email updates (#1084) 2025-08-04 14:07:00 +00:00
token.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
totp.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
update_email.go fix(user): persist status on email updates (#1084) 2025-08-04 14:07:00 +00:00
update_email_test.go fix(user): persist status on email updates (#1084) 2025-08-04 14:07:00 +00:00
user.go fix(auth): remove unnecessary fields from JWT token payloads 2026-02-08 21:30:07 +01:00
user_create.go fix(user): persist status on email updates (#1084) 2025-08-04 14:07:00 +00:00
user_email_confirm.go fix(user): persist status on email updates (#1084) 2025-08-04 14:07:00 +00:00
user_email_confirm_test.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
user_password_reset.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
user_test.go fix(user): ensure deletion tokens can only be used by the user who created them 2025-07-23 11:18:37 +02:00
users_project.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
validator.go feat(auth): require auth to fetch avatars (#930) 2025-06-14 13:12:41 +00:00