From 9623a3be97047afbdabdfa411a37ada1e624670a Mon Sep 17 00:00:00 2001 From: Jason Woltje Date: Mon, 16 Feb 2026 11:28:46 -0600 Subject: [PATCH] =?UTF-8?q?chore(#411):=20Phase=203=20complete=20=E2=80=94?= =?UTF-8?q?=204/4=20tasks=20done,=2073=20auth=20tests=20passing?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - AUTH-010: getTrustedOrigins() with env var support - AUTH-011: CORS aligned with getTrustedOrigins() - AUTH-012: Session config (7d absolute, 2h idle, secure cookies) - AUTH-013: .env.example updated with TRUSTED_ORIGINS, COOKIE_DOMAIN Refs #414 Co-Authored-By: Claude Opus 4.6 --- docs/tasks.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/tasks.md b/docs/tasks.md index 63d0b41..00ea0c1 100644 --- a/docs/tasks.md +++ b/docs/tasks.md @@ -190,13 +190,13 @@ ### Phase 3: Backend Hardening (#414) -| id | status | description | issue | repo | branch | depends_on | blocks | agent | started_at | completed_at | estimate | used | -| -------- | ----------- | ---------------------------------------------------------------- | ----- | ------ | ----------------------------- | ----------------------------------- | -------- | ----- | ---------- | ------------ | -------- | ---- | -| AUTH-010 | not-started | 3.1: Extract trustedOrigins to getTrustedOrigins() with env vars | #414 | api | fix/auth-frontend-remediation | AUTH-V02 | AUTH-011 | | | | 10K | | -| AUTH-011 | not-started | 3.2: Align CORS config in main.ts with getTrustedOrigins() | #414 | api | fix/auth-frontend-remediation | AUTH-010 | | | | | 8K | | -| AUTH-012 | not-started | 3.3: Update session config (7d abs, 2h idle, cookie attrs) | #414 | api | fix/auth-frontend-remediation | AUTH-V02 | | | | | 8K | | -| AUTH-013 | not-started | 3.4: Add TRUSTED_ORIGINS, COOKIE_DOMAIN to .env.example | #414 | devops | fix/auth-frontend-remediation | AUTH-010 | | | | | 3K | | -| AUTH-V03 | not-started | Phase 3 verification: quality gates pass | #414 | all | fix/auth-frontend-remediation | AUTH-010,AUTH-011,AUTH-012,AUTH-013 | AUTH-014 | | | | 5K | | +| id | status | description | issue | repo | branch | depends_on | blocks | agent | started_at | completed_at | estimate | used | +| -------- | ------ | ---------------------------------------------------------------- | ----- | ------ | ----------------------------- | ----------------------------------- | -------- | ----- | ----------------- | ----------------- | -------- | ---- | +| AUTH-010 | done | 3.1: Extract trustedOrigins to getTrustedOrigins() with env vars | #414 | api | fix/auth-frontend-remediation | AUTH-V02 | AUTH-011 | w-8 | 2026-02-16T11:26Z | 2026-02-16T11:31Z | 10K | 15K | +| AUTH-011 | done | 3.2: Align CORS config in main.ts with getTrustedOrigins() | #414 | api | fix/auth-frontend-remediation | AUTH-010 | | w-10 | 2026-02-16T11:32Z | 2026-02-16T11:33Z | 8K | 8K | +| AUTH-012 | done | 3.3: Update session config (7d abs, 2h idle, cookie attrs) | #414 | api | fix/auth-frontend-remediation | AUTH-V02 | | w-9 | 2026-02-16T11:26Z | 2026-02-16T11:29Z | 8K | 8K | +| AUTH-013 | done | 3.4: Add TRUSTED_ORIGINS, COOKIE_DOMAIN to .env.example | #414 | devops | fix/auth-frontend-remediation | AUTH-010 | | w-11 | 2026-02-16T11:32Z | 2026-02-16T11:33Z | 3K | 3K | +| AUTH-V03 | done | Phase 3 verification: quality gates pass | #414 | all | fix/auth-frontend-remediation | AUTH-010,AUTH-011,AUTH-012,AUTH-013 | AUTH-014 | orch | 2026-02-16T11:34Z | 2026-02-16T11:34Z | 5K | 2K | ### Phase 4: Frontend Foundation (#415)