Authentication

OAuth authentication and session management

📄️ OAuth callback

Handles the OAuth provider callback. Validates the state parameter, exchanges the authorization code for tokens, creates or updates the user, issues a session cookie, and redirects to the dashboard

📄️ Initiate GitHub OAuth

Redirects the user to GitHub to begin the OAuth 2.0 authorization flow

📄️ Initiate Google OAuth

Redirects the user to Google to begin the OAuth 2.0 authorization flow

📄️ Logout

Deletes the server-side session and clears all auth cookies (access token, refresh token, legacy session)

📄️ Get current user

Returns information about the currently authenticated user

📄️ List enabled OAuth providers

Returns the list of OAuth providers configured and enabled on this instance

📄️ Refresh access token

Validates the refresh token from the httpOnly cookie and issues a new short-lived access token. Rate limited to 30 requests per hour per session