- api.php: extractUserFromToken() decodes Azure AD JWT payload (oid/name/email)
- Upload: stores user_id, user_name, user_email in job .meta.json
- handleList(): filters jobs by authenticated user's oid — full user isolation
(jobs without user_id are excluded for authenticated users to prevent leakage);
enriches each entry with score, grade, critical/error counts from result JSON
- index.html: "My Documents" history section, shown after login
- js/app.js: showAuthenticatedUI() triggers loadHistory(); full renderHistory()
renders sortable table with score, grade, severity badges, and Open/HTML/PDF/JSON
action buttons; openHistoryJob() loads any past result into the results panel
- js/results.js: calls loadHistory() after displayResults() so table refreshes
immediately after a new check completes
- css/styles.css: history table styles with colour-coded score/grade/severity badges
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
e60639c58d