7 Commits

Author	SHA1	Message	Date
giles	7353be5b9d	Add cross-domain template copy: cart mini for OOB header swaps ... Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-24 17:17:38 +00:00
giles	ee2952e885	Own account domain templates (Phase 6) ... Auth templates moved from shared to account/templates/. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-24 16:55:50 +00:00
giles	1ba8788189	Add responsive visibility classes to auth-menu fragment ... Desktop span: hidden md:inline-flex, mobile span: block md:hidden. Prevents both showing when fragment is injected in a single spot. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-24 09:51:52 +00:00
giles	072de719df	Add auth-menu fragment handler to account app ... Phase 2 of fragment composition: account exposes auth-menu fragment (sign-in button or user email for desktop + mobile) via /internal/fragments/ endpoint. Updates shared submodule. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-24 09:11:52 +00:00
giles	e0a2a47ba2	Grant-based session revocation, remove iframe logout ... Account creates OAuthGrant per authorization, revokes on logout. Client apps verify grants via /auth/internal/verify-grant endpoint. Removes iframe-based logout page. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 12:30:53 +00:00
giles	4e8e6bab61	Iframe-based SSO logout (tolerates dead apps) ... Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 12:21:54 +00:00
giles	2178607484	Move auth server from federation to account ... Account is now the OAuth authorization server with magic link login, OAuth2 authorize endpoint, SSO logout, and session management. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 12:00:20 +00:00