Oliver/ppt-tool
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ppt-tool/backend/api/middlewares
History
Exact
Vadym Samoilenko f2f729a50b Switch Azure AD auth to MSAL SPA (browser-side token exchange) 
- Replace server-side ConfidentialClientApplication + OAuth callback
  with MSAL browser popup flow (PKCE, no client_secret required)
- Backend: add POST /sso-token endpoint that validates Azure AD ID token
  via Microsoft JWKS, issues session cookie; remove /login + /callback
- Frontend: install @azure/msal-browser + @azure/msal-react, wrap app
  with MsalProvider, login page uses loginPopup() → sends id_token to backend
- Pass NEXT_PUBLIC_AZURE_* env vars through next.config.mjs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-23 12:34:52 +00:00
..
__init__.py Fix Docker build, test suite, and runtime issues for local deployment 2026-02-26 17:56:30 +00:00
audit_middleware.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
auth_middleware.py Switch Azure AD auth to MSAL SPA (browser-side token exchange) 2026-03-23 12:34:52 +00:00
rate_limit_middleware.py Fix slowapi Response parameter issue 2026-02-27 20:29:00 +00:00
rbac_middleware.py Phase 1-2: Foundation + Admin Panel & Client Management 2026-02-26 15:37:17 +00:00
request_size_middleware.py Implement critical security fixes and modern design system (Pre-launch P0 tasks) 2026-02-27 18:28:24 +00:00
security_headers_middleware.py Complete critical security improvements (P0.5-P0.8) 2026-02-27 18:33:58 +00:00