<feed xmlns='http://www.w3.org/2005/Atom'>
<title>doot.git/internal/auth/handlers_test.go, branch master</title>
<subtitle>doot — personal productivity web app
</subtitle>
<id>https://git.terst.org/doot.git/atom?h=master</id>
<link rel='self' href='https://git.terst.org/doot.git/atom?h=master'/>
<link rel='alternate' type='text/html' href='https://git.terst.org/doot.git/'/>
<updated>2026-02-06T01:35:01+00:00</updated>
<entry>
<title>Add passkey (WebAuthn) authentication support</title>
<updated>2026-02-06T01:35:01+00:00</updated>
<author>
<name>Peter Stone</name>
<email>thepeterstone@gmail.com</email>
</author>
<published>2026-02-06T01:35:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.terst.org/doot.git/commit/?id=0a1001eb0bd2d1f7c0624ae1ef8ae7ccdb3447d4'/>
<id>urn:sha1:0a1001eb0bd2d1f7c0624ae1ef8ae7ccdb3447d4</id>
<content type='text'>
Enable passwordless login via passkeys as an alternative to password auth.
Users register passkeys from Settings; the login page offers both options.
WebAuthn is optional — only active when WEBAUTHN_RP_ID and WEBAUTHN_ORIGIN
env vars are set.

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
</content>
</entry>
<entry>
<title>Fix all static analysis errors (golangci-lint)</title>
<updated>2026-01-26T06:55:58+00:00</updated>
<author>
<name>Peter Stone</name>
<email>thepeterstone@gmail.com</email>
</author>
<published>2026-01-26T06:55:58+00:00</published>
<link rel='alternate' type='text/html' href='https://git.terst.org/doot.git/commit/?id=f5b997bfc4c77ef262726d14b30d387eb7acd1c6'/>
<id>urn:sha1:f5b997bfc4c77ef262726d14b30d387eb7acd1c6</id>
<content type='text'>
- Fix errcheck: handle all error return values in production code
- Fix errcheck: handle all error return values in test files
- Fix staticcheck: replace deprecated WithCredentialsFile with WithAuthCredentialsFile
- Remove unused code: authHeaders, planToEatPlannerItem, planToEatResponse
- Use defer func() { _ = x.Close() }() pattern for ignored close errors

Co-Authored-By: Claude Opus 4.5 &lt;noreply@anthropic.com&gt;
</content>
</entry>
<entry>
<title>Add CSRF protection and auth unit tests</title>
<updated>2026-01-21T01:18:57+00:00</updated>
<author>
<name>Peter Stone</name>
<email>thepeterstone@gmail.com</email>
</author>
<published>2026-01-21T01:18:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.terst.org/doot.git/commit/?id=78e8f597ff28f1b8406f5cfbf934adc22abdf85b'/>
<id>urn:sha1:78e8f597ff28f1b8406f5cfbf934adc22abdf85b</id>
<content type='text'>
Add CSRF token middleware for state-changing request protection,
integrate tokens into templates and HTMX headers, and add unit
tests for authentication service and handlers.

Co-Authored-By: Claude Opus 4.5 &lt;noreply@anthropic.com&gt;
</content>
</entry>
</feed>
