Skip to content

P2: Standardize auth to JWT (deprecate phpPassword) #85

Description

@Kinin-Code-Offical

Authentication is inconsistent, using both phpPassword and some JWT logic. All endpoints must be standardized to use JWT.

Acceptance Criteria:

  • Create a reusable �uth_check.php that validates a Bearer token.
  • Refactor all protected endpoints to use this auth check.
  • Completely remove the phpPassword check from all endpoints.
  • Update the Flutter HttpWrapper to only send the JWT Authorization header and not the phpPassword.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area: authRelated to authentication or authorizationarea: securitySecurity vulnerabilitiespriority: P2Security and Authentication taskstype: enhancementA new feature or enhancement

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions