Skip to content

Codereview#33

Merged
dhirmadi merged 3 commits into
mainfrom
codereview
Dec 15, 2025
Merged

Codereview#33
dhirmadi merged 3 commits into
mainfrom
codereview

Conversation

@dhirmadi
Copy link
Copy Markdown
Owner

@dhirmadi dhirmadi commented Dec 15, 2025

Description

Type of Change

  • 🐛 Bug fix (non-breaking change which fixes an issue)
  • ✨ New feature (non-breaking change which adds functionality)
  • 💥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • 📝 Documentation update
  • 🔧 Configuration change
  • 🎨 Code style update (formatting, renaming)
  • ♻️ Code refactoring (no functional changes)
  • ⚡ Performance improvement
  • ✅ Test update
  • 🔒 Security fix

Related Issue

Fixes #(issue number)

Changes Made

Testing

  • All existing tests pass
  • Added new tests for new functionality

  • [ ] Tested manually with the following scenarios:

Security Considerations

  • No sensitive data exposed in code or logs
  • Credentials properly handled (not hardcoded)
  • Input validation added where necessary
  • No new security vulnerabilities introduced

Checklist

  • My code follows the project's code style
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have updated the documentation accordingly
  • My changes generate no new warnings or errors
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published

Screenshots (if applicable)

Additional Notes

@dhirmadi
feat(auth): add Auth0 OIDC (SSO) admin login support with dual-mode a…
5cf4170 
…uthentication

- Implement Auth0 OIDC (SSO) admin login, enabling secure SSO for admin users.
- Support both Auth0 OIDC and legacy password login simultaneously (feature-flagged by config).
- Enforce email allowlisting for admin login via new `ADMIN_LOGIN_EMAILS` config.
- Add/extend design, feature spec, and implementation docs to cover dual-mode auth, state/cookie security, and backward compatibility.
- Update and add tests for SSO and password fallback scenarios.
- Review notes added under `docs_v2/09_Reviews/020_auth0_login_review.md`.

Backward compatible: deployments without Auth0 config continue to use password-only admin login.
See feature documentation for setup and migration instructions.
@dhirmadi
Auth0 SSO + password login dual-mode auth:
8b3c833 
- Add Auth0 OIDC (SSO) login option while retaining legacy password logic
- Update session, cookie, and admin protection flows for robust security and flexibility
- Backward compatible: deployments without Auth0 continue to work
- Expanded/updated tests for new flows and endpoints (incl. integration)

Also:
- Move sidecar and caption logic to new `services/sidecar.py`
- Refactor workflow and web glue for clean sidecar/caption handling
- Update endpoint handlers and e2e tests for new auth/session logic
@dhirmadi
[Docs] Update change requests for thumbnail preview optimization
2d38379
@dhirmadi dhirmadi merged commit a00d0ac into main Dec 15, 2025
5 of 7 checks passed
@dhirmadi dhirmadi deleted the codereview branch February 25, 2026 14:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dhirmadi