pgz-sport

damir/pgz-sport

Fork 0

Commit Graph

Author	SHA1	Message	Date
damir	67372d6c58	R7: GDPR /users/me/request-deletion alias + remove duplicate profileDeleteAccount - auth/gdpr.py: dodan @me_router.post('/request-deletion') alias koji proxy-a na request_erasure (Art. 17). Koristi pravi EraseReq pydantic. - static/app.html: obrisana placeholder profileDeleteAccount funkcija na liniji 944 (M10 mock alert) — sada samo real implementacija na 1902. - E2E verified: damir@pgz.hr → POST /users/me/request-deletion → 200, DB row pgz_sport.gdpr_erasure_requests #1 pending. Tag: P0-demo-fix	2026-05-05 02:06:34 +02:00
Damir Radulić	492c8fdd87	M1+M2+M10 (CC2 R3): JWT auth + admin users + GDPR backend - auth/auth_v2.py: JWT login/refresh/logout/me + bcrypt + tenant_id/role/tier claims - auth/admin_users.py: /api/admin/users CRUD + invite/role/suspend + bulk CSV - auth/gdpr.py: cookie consent + Art.20 export + Art.17 erasure + admin queue - auth/seed_demo.py: 3 demo tenants + 4 users (damir@pgz.hr / PGZ2026!) - Removed legacy /api/auth/login + /api/auth/me from pgz_sport_api.py - Wired auth/admin/gdpr routers into FastAPI 5/5 live curl tests pass: damir@pgz.hr login → JWT with tenant_id=1, role=pgz_admin, tier=0	2026-05-05 00:09:09 +02:00
Damir Radulić	a7ec0a86be	PGŽ Sport Platform — Round 1+2 baseline (sport2.html + API)	2026-05-04 23:39:08 +02:00

Author

SHA1

Message

Date

damir

67372d6c58

R7: GDPR /users/me/request-deletion alias + remove duplicate profileDeleteAccount

- auth/gdpr.py: dodan @me_router.post('/request-deletion') alias
  koji proxy-a na request_erasure (Art. 17). Koristi pravi EraseReq pydantic.
- static/app.html: obrisana placeholder profileDeleteAccount funkcija
  na liniji 944 (M10 mock alert) — sada samo real implementacija na 1902.
- E2E verified: damir@pgz.hr → POST /users/me/request-deletion → 200,
  DB row pgz_sport.gdpr_erasure_requests #1 pending.

Tag: P0-demo-fix

2026-05-05 02:06:34 +02:00

Damir Radulić

492c8fdd87

M1+M2+M10 (CC2 R3): JWT auth + admin users + GDPR backend

- auth/auth_v2.py: JWT login/refresh/logout/me + bcrypt + tenant_id/role/tier claims
- auth/admin_users.py: /api/admin/users CRUD + invite/role/suspend + bulk CSV
- auth/gdpr.py: cookie consent + Art.20 export + Art.17 erasure + admin queue
- auth/seed_demo.py: 3 demo tenants + 4 users (damir@pgz.hr / PGZ2026!)
- Removed legacy /api/auth/login + /api/auth/me from pgz_sport_api.py
- Wired auth/admin/gdpr routers into FastAPI

5/5 live curl tests pass: damir@pgz.hr login → JWT with tenant_id=1, role=pgz_admin, tier=0

2026-05-05 00:09:09 +02:00

Damir Radulić

a7ec0a86be

PGŽ Sport Platform — Round 1+2 baseline (sport2.html + API)

2026-05-04 23:39:08 +02:00

3 Commits