Oliver/ac-tool
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ac-tool/backend/server/auth
History
Vadym Samoilenko 8050a6a0f6 Add emergency token login as SSO bypass 
When EMERGENCY_TOKEN is set in .env, a Bearer token matching it grants
admin access without going through Azure AD / MSAL. Useful when 2FA or
SSO is unavailable. Token is compared in constant-time to prevent timing
attacks. If EMERGENCY_TOKEN is empty (default), the feature is disabled.

Frontend: small "Emergency access" link on login page opens a token input.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-23 19:07:34 +00:00
..
__init__.py Initial commit — AC Tool unified application 2026-03-23 13:24:46 +00:00
middleware.py Add emergency token login as SSO bypass 2026-03-23 19:07:34 +00:00
msal_auth.py fix: verify JWT signature via JWKS and fix auth dev bypass condition 2026-03-23 14:44:22 +00:00
user_store.py Add per-client category hierarchy, client management, and admin hardcoding 2026-03-23 18:56:01 +00:00