Add browser-friendly remote token bootstrap

This commit is contained in:
Dymas
2026-05-17 14:59:48 +02:00
parent c91db90c1b
commit 47480efa30
6 changed files with 130 additions and 4 deletions
+5
View File
@@ -1,5 +1,10 @@
# Changelog
## 0.30.4 - 2026-05-17
- Added browser-friendly remote auth bootstrap: remote users can open the app once with `?token=...`, the server stores the token in an HTTP-only cookie, and then strips the token back out of the URL with a redirect.
- Kept existing remote header auth support for API clients while extending regression coverage for cookie, query-token, and bootstrap redirect access.
## 0.30.3 - 2026-05-17
- Fixed container startup under `docker-compose` and custom `USER_UID`/`USER_GID` mappings by launching the web app with `python3 /app/app.py` directly instead of relying on the `./ani-cli-web` launcher file being executable inside the container.