oatpp-authkit

History

Uwe Schuster 46971acf99 AuthInterceptor: strip query string before policy check Request-target from getStartingLine().path includes the query string (e.g. "/set-password?token=abc"), causing exact-match public-path checks like `path == "/set-password"` in IAuthPolicy::isPublicPath to fail and the request to be rejected with 401. Strip the query string once at the top of intercept() so policies and access logs see clean paths. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>		2026-04-25 11:41:48 +02:00
..
auth	AuthInterceptor: strip query string before policy check	2026-04-25 11:41:48 +02:00
db	v0.3.1: Add db::AuditLog — lifted from fewo-webapp with table rename	2026-04-23 12:36:03 +02:00
handler	v0.2.1: wrap clean-lift headers in namespace oatpp_authkit	2026-04-21 21:53:21 +02:00
interceptor	v0.2.1: wrap clean-lift headers in namespace oatpp_authkit	2026-04-21 21:53:21 +02:00
mail	v0.3.2: Add mail::SmtpTransport — lifted from fewo-webapp	2026-04-23 15:06:35 +02:00
startup	v0.1.0: initial clean-lift from fewo-webapp	2026-04-21 21:42:53 +02:00
systemd	Add systemd::notify helper (zero-dep sd_notify protocol)	2026-04-22 23:01:40 +02:00
util	v0.2.1: wrap clean-lift headers in namespace oatpp_authkit	2026-04-21 21:53:21 +02:00
ws	Add ws::Hub + ws::Listener — WebSocket pub/sub hub	2026-04-22 23:19:40 +02:00