feat(auth): Complete OIDC security refactor and modernize test suite

- Refactored OIDC flow to implement PKCE, state/nonce validation, and BFF pattern.
- Centralized configuration in Settings class (DEV_MODE, FRONTEND_URL, OIDC_REDIRECT_URI).
- Updated auth routers to use conditional secure cookie flags based on DEV_MODE.
- Modernized and cleaned up test suite by removing legacy Streamlit tests.
- Fixed linting errors and unused imports across the backend.
Yunxiao Xu
2026-02-15 02:50:26 -08:00
parent 48ad0ebdd7
commit 68c0985482
50 changed files with 222 additions and 515 deletions


@@ -48,8 +48,9 @@ The frontend is a modern SPA (Single Page Application) designed for data-heavy i
- **LangChain Docs**: See the `langchain-docs/` folder for local LangChain and LangGraph documentation.
## Git Operations
- Branches should be used for specific features or bug fixes.
- New branches should be created from the `main` branch and `conductor` branch.
- The conductor should always use the `conductor` branch and derived branches.
- When a feature or fix is complete, use rebase to keep the commit history clean before merging.
- The conductor related changes should never be merged into the `main` branch.
- All new feature and bug-fix branches must be created from the `conductor` branch except hot-fix.
- The `conductor` branch serves as the primary development branch where integration occurs.
- The `main` branch is reserved for stable, production-ready code.
- Merges from `conductor` to `main` should only occur when significant milestones are reached and stability is verified.
- Conductor-specific configuration or meta-files should remain on the `conductor` branch or its derivatives and never be merged into the `main` branch.
- Use rebase to keep commit history clean before merging feature branches back into `conductor`.
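Review bot: The rule that all new feature and bug-fix branches come from `conductor` "except hot-fix" never says which branch a hot-fix starts from or how the fix gets back into `conductor`; name the base branch (presumably `main`, which is an assumption on my part) and the back-merge step. The rules about moving code from `conductor` to `main` also conflict as written: merges from `conductor` to `main` are allowed at milestones, yet conductor-specific configuration and meta-files must never be merged into `main`, and an ordinary merge would carry them across, so describe how those files are kept out. "Significant milestones" and "stability is verified" would benefit from a concrete criterion, such as who signs off or which checks must pass. Separately, this Git workflow change is unrelated to the OIDC refactor named in the commit message and would be easier to review and revert as its own commit.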