User Management security improvement#745
Conversation
There was a problem hiding this comment.
Code Review
This pull request implements JWT session validation and revocation against the database, requiring password confirmation for sensitive user-management actions (creation, deletion, and password changes) while exempting bearer-token callers. It adds a password_changed_at timestamp to track and invalidate older sessions, with corresponding updates to the database schema, backup restore runner, UI, and test suites. The review feedback suggests wrapping the datetime.datetime.fromtimestamp call in a try...except block to prevent potential unhandled exceptions (such as ValueError or TypeError) when parsing malformed iat claims.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
|

This PR is to improve the user management security.
PR test builds:
ghcr.io/neptunehub/audiomuse-ai:pr-745ghcr.io/neptunehub/audiomuse-ai:pr-745-nvidiaghcr.io/neptunehub/audiomuse-ai:pr-745-noavx2