amalia/28-apr-26 #15

Merged

amaliadwiy merged 2 commits from amalia/28-apr-26 into main

2026-04-28 17:37:19 +08:00

Author	SHA1	Message	Date
amaliadwiy	b03f267743	upd: routing dev	2026-04-28 17:34:45 +08:00
amaliadwiy	94724a5081	feat: add Google OAuth login with USER role and pending approval flow - Add GET /api/auth/google and GET /api/auth/callback/google routes with CSRF state protection and account linking via googleId - Add getPublicOrigin() for dynamic redirect_uri (supports reverse proxy via X-Forwarded-Proto) - Add USER role to schema (default for new Google sign-ins), make password optional, add googleId and image fields - Role-based redirect after login: USER → /profile, ADMIN/DEVELOPER → /dashboard - Profile page shows pending approval alert for USER role - Dashboard redirects USER role back to profile - Login page shows specific error messages per OAuth error code Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-28 15:06:13 +08:00

Author

SHA1

Message

Date

amaliadwiy

b03f267743

upd: routing dev

2026-04-28 17:34:45 +08:00

amaliadwiy

94724a5081

feat: add Google OAuth login with USER role and pending approval flow

- Add GET /api/auth/google and GET /api/auth/callback/google routes with CSRF state protection and account linking via googleId
- Add getPublicOrigin() for dynamic redirect_uri (supports reverse proxy via X-Forwarded-Proto)
- Add USER role to schema (default for new Google sign-ins), make password optional, add googleId and image fields
- Role-based redirect after login: USER → /profile, ADMIN/DEVELOPER → /dashboard
- Profile page shows pending approval alert for USER role
- Dashboard redirects USER role back to profile
- Login page shows specific error messages per OAuth error code

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-28 15:06:13 +08:00

amalia/28-apr-26 #15

2 Commits