This repository has been archived on 2026-02-24. You can view files and clone it. You cannot open issues or pull requests or push a commit.

giles c4590d1442 Replace propagation chain + check-device with prompt=none OAuth handshake ...

Client apps now do a silent OAuth round-trip (prompt=none) to account on
first visit. If user is logged in on account, they get silently logged in.
If not, the result is cached (5 min) to avoid repeated handshakes.

Grant verification now uses direct DB query instead of aiohttp HTTP calls.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-23 13:40:58 +00:00

..

__init__.py

feat: extract shared infrastructure from shared_lib

2026-02-11 12:45:56 +00:00

cart_identity.py

feat: extract shared infrastructure from shared_lib

2026-02-11 12:45:56 +00:00

context.py

feat: extract shared infrastructure from shared_lib

2026-02-11 12:45:56 +00:00

factory.py

Replace propagation chain + check-device with prompt=none OAuth handshake

2026-02-23 13:40:58 +00:00

http_utils.py

feat: extract shared infrastructure from shared_lib

2026-02-11 12:45:56 +00:00

jinja_setup.py

OAuth SSO infrastructure + account app support

2026-02-23 09:55:27 +00:00

oauth.py

Replace propagation chain + check-device with prompt=none OAuth handshake

2026-02-23 13:40:58 +00:00

urls.py

Make account the OAuth authorization server instead of federation

2026-02-23 11:53:34 +00:00

user_loader.py

feat: extract shared infrastructure from shared_lib

2026-02-11 12:45:56 +00:00