mirror of
https://github.com/tiennm99/llmapikey.git
synced 2026-06-17 04:48:12 +00:00
tiennm99
559bac8104
Self-contained GitHub OAuth (Arctic) with a stateless HS256 signed-cookie session (jose); Supabase is downgraded to the Postgres host only. - Origin-derived callback (no redirect-uri env); read:user scope; access token read once at callback and discarded (no token storage). - CSRF via single-use state cookie; open-redirect guard on next. - getCurrentGithubIdentity() now reads the session cookie, preserving the numeric provider_id identity contract for admin/dashboard/mint. - Remove @supabase/ssr + @supabase/supabase-js, middleware, and the supabase-dependent rls test; delete lib/supabase clients.
27 lines
544 B
JSON
27 lines
544 B
JSON
{
|
|
"name": "llmapikey",
|
|
"version": "0.1.0",
|
|
"private": true,
|
|
"type": "module",
|
|
"scripts": {
|
|
"dev": "next dev",
|
|
"build": "next build",
|
|
"start": "next start",
|
|
"lint": "next lint",
|
|
"test": "node --test \"tests/*.test.js\""
|
|
},
|
|
"dependencies": {
|
|
"arctic": "^3.7.0",
|
|
"jose": "^6.2.3",
|
|
"next": "^15.1.6",
|
|
"postgres": "^3.4.5",
|
|
"react": "^19.0.0",
|
|
"react-dom": "^19.0.0",
|
|
"server-only": "^0.0.1"
|
|
},
|
|
"devDependencies": {
|
|
"eslint": "^9.18.0",
|
|
"eslint-config-next": "^15.1.6"
|
|
}
|
|
}
|