changes authentication to no longer use a refresh token & access token
for accessing protected endpoints. Instead only an auth token is used.
Before the login flow was:
Login -> get refresh (stored as HttpOnly cookie) + access token (stored in memory) ->
protected endpoint request (attach access token as Authorization header) -> access token expires in
15 minutes, so use refresh token to obtain new one when that happens
now it looks like this:
Login -> get auth token (stored as HttpOnly cookie) -> make protected endpont
request (token sent)
the reasoning for using the refresh + access token was to reduce DB
calls, but in the end I don't think its worth the hassle.
adds filtering by task status (completion date, incomplete, completion)
adds filtering by task metadata (task name, labels, members, due date)
adds sorting by task name, labels, members, and due date
enforces user admin role requirement for
- creating / deleting / setting role for organization users
- creating / deleting / setting role for project users
- updating project name
- deleting project
hides action elements based on role for
- admin console
- team settings if team is only visible through project membership
- add project tile if not team admin
- project name text editor if not team / project admin
- add redirect from team page if settings only visible through project
membership
- add redirect from admin console if not org admin
role enforcement is handled on the api side through a custom GraphQL
directive `hasRole`. on the client side, role information is fetched in
the TopNavbar's `me` query and stored in the `UserContext`.
there is a custom hook, `useCurrentUser`, that provides a user object
with two functions, `isVisibile` & `isAdmin` which is used to check
roles in order to render/hide relevant UI elements.
