Oliver/video-accessibility
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
video-accessibility/backend/app/api/v1
History
Vadym Samoilenko 4623b89aeb feat(mt-16): JWT org_ids claim + transient user.org_ids in deps 
- create_access_token gains optional org_ids: list[str] param; encodes
  {exp, sub, org_ids, v:2} — org_ids is a prefilter hint only, never
  used as authorization source of truth (Redis cache is authoritative)
- Login, MS login, refresh endpoints: fetch memberships and include
  org_ids in issued access tokens via _get_user_org_ids() helper
- routes_invitations.py accept flow: same org_ids population on token
- get_current_user: reads org_ids from payload, attaches as transient
  user.__dict__["org_ids"] — available to OrgScopedQuery for prefilter
- Force logout: rotate JWT_SECRET env var at deployment time (no code
  change needed; all existing tokens immediately invalidated)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-29 20:46:39 +01:00
..
routes_admin.py feat: two-stage QC (linguist→reviewer), project picker, comments, email notifications, deadlines 2026-04-29 16:59:40 +01:00
routes_admin_production.py feat(w-14): bulk failures dashboard + sidebar badge 2026-04-29 20:36:30 +01:00
routes_auth.py feat(mt-16): JWT org_ids claim + transient user.org_ids in deps 2026-04-29 20:46:39 +01:00
routes_briefs.py feat(w-12): JobBrief model, endpoints, migration + brief→job linkage 2026-04-29 20:38:08 +01:00
routes_clients.py fix(mt-12): remove PM/CLIENT legacy bypass in _assert_client_access 2026-04-29 20:22:56 +01:00
routes_files.py feat: audit log integration sweep + cost tracker URL fix + audit log admin UI 2026-04-29 11:34:06 +01:00
routes_glossaries.py feat(mt-13): bind glossary handlers to client_id via org membership check 2026-04-29 20:24:41 +01:00
routes_invitations.py feat(mt-16): JWT org_ids claim + transient user.org_ids in deps 2026-04-29 20:46:39 +01:00
routes_jobs.py feat(mt-14): gcs_prefix on Job, gcs_path helper, rewrite path sites 2026-04-29 20:45:12 +01:00
routes_language_qc.py feat(pr6): WS real-time updates, per-cue AD playback, upload guard 2026-04-29 19:42:57 +01:00
routes_organizations.py feat(saas): Phase 3 — membership-based authz + Mailgun + job.organization_id 2026-04-27 16:56:42 +01:00
routes_review_notes.py feat: add linguist role and user management navigation 2026-04-16 11:46:33 +01:00
routes_share.py fix(lint): restore baseline lint count — no new errors introduced 2026-04-29 19:16:35 +01:00
routes_tts.py feat: Client → Team → Project isolation system with Project Manager role 2026-04-27 15:11:13 +01:00
routes_vtt_versions.py feat: VTT version control — snapshots, diff, restore 2026-04-29 11:46:21 +01:00
routes_websockets.py wrote docker files and deployment instructions 2025-10-08 16:00:12 -05:00