mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity

chore(#411): Phase 3 complete — 4/4 tasks done, 73 auth tests passing

Browse Source 
- AUTH-010: getTrustedOrigins() with env var support
- AUTH-011: CORS aligned with getTrustedOrigins()
- AUTH-012: Session config (7d absolute, 2h idle, secure cookies)
- AUTH-013: .env.example updated with TRUSTED_ORIGINS, COOKIE_DOMAIN

Refs #414

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jason Woltje
2026-02-16 11:28:46 -06:00
parent f37c83e280
commit 9623a3be97
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
docs/tasks.md
View File

@@ -190,13 +190,13 @@
### Phase 3: Backend Hardening (#414)
| id | status | description | issue | repo | branch | depends_on | blocks | agent | started_at | completed_at | estimate | used |
| -------- | ----------- | ---------------------------------------------------------------- | ----- | ------ | ----------------------------- | ----------------------------------- | -------- | ----- | ---------- | ------------ | -------- | ---- |
| AUTH-010 | not-started | 3.1: Extract trustedOrigins to getTrustedOrigins() with env vars | #414 | api | fix/auth-frontend-remediation | AUTH-V02 | AUTH-011 | | | | 10K | |
| AUTH-011 | not-started | 3.2: Align CORS config in main.ts with getTrustedOrigins() | #414 | api | fix/auth-frontend-remediation | AUTH-010 | | | | | 8K | |
| AUTH-012 | not-started | 3.3: Update session config (7d abs, 2h idle, cookie attrs) | #414 | api | fix/auth-frontend-remediation | AUTH-V02 | | | | | 8K | |
| AUTH-013 | not-started | 3.4: Add TRUSTED_ORIGINS, COOKIE_DOMAIN to .env.example | #414 | devops | fix/auth-frontend-remediation | AUTH-010 | | | | | 3K | |
| AUTH-V03 | not-started | Phase 3 verification: quality gates pass | #414 | all | fix/auth-frontend-remediation | AUTH-010,AUTH-011,AUTH-012,AUTH-013 | AUTH-014 | | | | 5K | |
| id | status | description | issue | repo | branch | depends_on | blocks | agent | started_at | completed_at | estimate | used |
| -------- | ------ | ---------------------------------------------------------------- | ----- | ------ | ----------------------------- | ----------------------------------- | -------- | ----- | ----------------- | ----------------- | -------- | ---- |
| AUTH-010 | done | 3.1: Extract trustedOrigins to getTrustedOrigins() with env vars | #414 | api | fix/auth-frontend-remediation | AUTH-V02 | AUTH-011 | w-8 | 2026-02-16T11:26Z | 2026-02-16T11:31Z | 10K | 15K |
| AUTH-011 | done | 3.2: Align CORS config in main.ts with getTrustedOrigins() | #414 | api | fix/auth-frontend-remediation | AUTH-010 | | w-10 | 2026-02-16T11:32Z | 2026-02-16T11:33Z | 8K | 8K |
| AUTH-012 | done | 3.3: Update session config (7d abs, 2h idle, cookie attrs) | #414 | api | fix/auth-frontend-remediation | AUTH-V02 | | w-9 | 2026-02-16T11:26Z | 2026-02-16T11:29Z | 8K | 8K |
| AUTH-013 | done | 3.4: Add TRUSTED_ORIGINS, COOKIE_DOMAIN to .env.example | #414 | devops | fix/auth-frontend-remediation | AUTH-010 | | w-11 | 2026-02-16T11:32Z | 2026-02-16T11:33Z | 3K | 3K |
| AUTH-V03 | done | Phase 3 verification: quality gates pass | #414 | all | fix/auth-frontend-remediation | AUTH-010,AUTH-011,AUTH-012,AUTH-013 | AUTH-014 | orch | 2026-02-16T11:34Z | 2026-02-16T11:34Z | 5K | 2K |
### Phase 4: Frontend Foundation (#415)