GKaszewski/k-photos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c6f82090d2f4f089cc3faab567643667a89158df
k-photos/Cargo.toml
Gabriel Kaszewski c6f82090d2 feat: auth hardening + codebase quality sweep 
Refresh tokens: RefreshToken entity, PostgresRefreshTokenRepository,
login returns refresh token, POST /auth/refresh (rotation), POST /auth/logout,
JWT expiry 24h→1h, configurable via with_expiry().

Route protection: require_auth middleware on protected routes,
public routes split (register, login, refresh, sharing/access).

Authorization: caller_id added to ReadAssetFileQuery, ReadDerivativeQuery,
GetStackQuery, DeleteStackCommand with ownership checks. Admin-only gates
on processing, storage, sidecar, duplicates handlers.

Quality fixes: visibility filtering bypass in search(), unwrap panics in
date parsing, DRY auth header parsing, centralized parsers module,
email validation via email_address crate, value objects (Username, MimeType,
RelativePath), domain events (UserCreated, UserDeleted, AlbumCreated,
TagCreated, DuplicateDetected), postgres error mapping for constraint
violations, OptionExt::or_not_found helper, in_memory_repo! macro,
GetStackQuery moved to queries, album add_entry 200→201.
2026-05-31 22:26:02 +02:00

60 lines
2.2 KiB
TOML
Raw Blame History

[workspace]
members = [
"crates/domain",
"crates/application",
"crates/api-types",
"crates/adapters/postgres",
"crates/adapters/auth",
"crates/adapters/storage",
"crates/adapters/event-payload",
"crates/adapters/event-transport",
"crates/adapters/nats",
"crates/adapters/exif",
"crates/adapters/thumbnail",
"crates/adapters/sidecar",
"crates/presentation",
"crates/bootstrap",
"crates/worker",
]
resolver = "2"
[workspace.dependencies]
tokio = { version = "1.0", features = ["macros", "rt-multi-thread", "net", "time", "sync", "signal"] }
async-trait = "0.1"
futures = "0.3"
bytes = "1.0"
anyhow = "1.0"
thiserror = "2.0"
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
email_address = "0.2"
sha2 = "0.10"
uuid = { version = "1.0", features = ["v4", "serde"] }
chrono = { version = "0.4", features = ["serde"] }
dotenvy = "0.15"
tracing = "0.1"
tracing-subscriber = { version = "0.3", features = ["env-filter", "fmt"] }
axum = { version = "0.8", features = ["macros"] }
tower-http = { version = "0.6", features = ["cors", "trace"] }
sqlx = { version = "0.8", features = ["runtime-tokio", "uuid", "chrono", "macros"] }
jsonwebtoken = "9.3"
bcrypt = "0.15"
utoipa = { version = "5.3", features = ["axum_extras", "uuid", "chrono"] }
utoipa-scalar = { version = "0.3", features = ["axum"] }
domain = { path = "crates/domain" }
application = { path = "crates/application" }
api-types = { path = "crates/api-types" }
adapters-auth = { path = "crates/adapters/auth" }
adapters-storage = { path = "crates/adapters/storage" }
adapters-event-payload = { path = "crates/adapters/event-payload" }
adapters-event-transport = { path = "crates/adapters/event-transport" }
adapters-nats = { path = "crates/adapters/nats" }
adapters-exif = { path = "crates/adapters/exif" }
adapters-thumbnail = { path = "crates/adapters/thumbnail" }
adapters-sidecar = { path = "crates/adapters/sidecar" }
adapters-postgres = { path = "crates/adapters/postgres" }
async-nats = "0.48"
async-stream = "0.3"
presentation = { path = "crates/presentation" }
Reference in New Issue View Git Blame Copy Permalink