229a53fa0a
changes authentication to no longer use a refresh token & access token for accessing protected endpoints. Instead only an auth token is used. Before the login flow was: Login -> get refresh (stored as HttpOnly cookie) + access token (stored in memory) -> protected endpoint request (attach access token as Authorization header) -> access token expires in 15 minutes, so use refresh token to obtain new one when that happens now it looks like this: Login -> get auth token (stored as HttpOnly cookie) -> make protected endpont request (token sent) the reasoning for using the refresh + access token was to reduce DB calls, but in the end I don't think its worth the hassle. |
||
|---|---|---|
| .. | ||
| label_color.sql | ||
| notification.sql | ||
| organization.sql | ||
| project_label.sql | ||
| project.sql | ||
| system_options.sql | ||
| task_activity.sql | ||
| task_assigned.sql | ||
| task_checklist.sql | ||
| task_group.sql | ||
| task_label.sql | ||
| task.sql | ||
| team_member.sql | ||
| team.sql | ||
| token.sql | ||
| user_accounts.sql | ||