CooperandGoodman/yolkbook
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6d09e40f58caa79350083bb22bb2492e2a0da850
yolkbook/nginx/html
History
derekc 6d09e40f58 Remove admin token from sessionStorage during impersonation 
Embed admin_id claim in impersonation JWTs and add a backend
/api/admin/unimpersonate endpoint that re-issues the admin token
from that claim. The admin token no longer needs to be stored in
sessionStorage, eliminating the risk of token theft via XSS.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-19 23:32:08 -07:00
..
css
Implement reliability improvements across frontend
2026-03-18 00:09:36 -07:00
js
Remove admin token from sessionStorage during impersonation
2026-03-19 23:32:08 -07:00
50x.html
Add multi-user auth, admin panel, and timezone support; rename to Yolkbook
2026-03-17 23:19:29 -07:00
404.html
Fix bugs, data integrity, and cache busting
2026-03-18 00:27:02 -07:00
admin.html
Fix bugs, data integrity, and cache busting
2026-03-18 00:27:02 -07:00
budget.html
Fix bugs, data integrity, and cache busting
2026-03-18 00:27:02 -07:00
favicon.svg
Initial commit
2026-02-26 22:27:58 -08:00
flock.html
Fix bugs, data integrity, and cache busting
2026-03-18 00:27:02 -07:00
index.html
Harden security: CORS, XSS, rate limiting, CSP, SRI
2026-03-19 23:18:33 -07:00
log.html
Fix bugs, data integrity, and cache busting
2026-03-18 00:27:02 -07:00
login.html
Fix bugs, data integrity, and cache busting
2026-03-18 00:27:02 -07:00
summary.html
Fix bugs, data integrity, and cache busting
2026-03-18 00:27:02 -07:00