yiekheng/cm_whatsapp_bot_v1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
cm_whatsapp_bot_v1/apps/web
History
yiekheng b77a9d106d feat(web): middleware gates non-allowlisted paths on session cookie 
Edge-runtime check via auth-cookie.verifySession. /api/* paths get a
401 (no body) when unauthenticated; pages get a 307 to /login with
the original path encoded into ?next=. Allowlist explicitly excludes
/api/events and /api/qr — both were unauthenticated in v1.1.0 and
let an unauthenticated client snoop the entire SSE event stream and
enumerate paired account QR codes.
2026-05-10 17:57:07 +08:00
..
public
feat(web): PWA via @serwist/next + manifest + icons (P3/T22)
2026-05-10 13:20:45 +08:00
scripts
feat(web): PWA via @serwist/next + manifest + icons (P3/T22)
2026-05-10 13:20:45 +08:00
src
feat(web): middleware gates non-allowlisted paths on session cookie
2026-05-10 17:57:07 +08:00
components.json
feat(web): shadcn/ui init + base components
2026-05-09 22:46:16 +08:00
next-env.d.ts
feat(web): browser notifications for reminder + send-test events
2026-05-10 13:30:40 +08:00
next.config.ts
feat(web): PWA via @serwist/next + manifest + icons (P3/T22)
2026-05-10 13:20:45 +08:00
package.json
chore: add bcryptjs to web + db packages
2026-05-10 17:41:06 +08:00
postcss.config.mjs
feat(web): scaffold Next.js 16 app with Tailwind 4 + Geist
2026-05-09 22:40:03 +08:00
tsconfig.json
feat(web): scaffold Next.js 16 app with Tailwind 4 + Geist
2026-05-09 22:40:03 +08:00
vitest.config.ts
test(web): unit tests for accounts-list layout and behaviour
2026-05-10 01:06:38 +08:00