feat: add global event listener for mannschaften updates in Navigation component
feat: notify app of mannschaften changes after CSV save and handle visibility changes
refactor: remove unused anlagen page
fix: update CmsMannschaften reference in sportbetrieb page for reactivity
fix: enhance authentication token retrieval in passkey API endpoints
feat: implement refresh session and access token generation for Android clients in passkey login
fix: unify token retrieval method across passkey API endpoints
feat: add MediaTypes utility for JSON content type in Android app
feat: create PasskeyRepository for handling passkey authentication and registration in Android app
feat: add validated text field and rich text components for Android UI
feat: implement newsletter subscription and unsubscription screens in Android app
feat: create public pages including Impressum with dynamic content loading
- Added support for generating Android access tokens and managing refresh sessions in the auth endpoints.
- Implemented new tests for login, logout, and refresh functionalities specific to Android clients.
- Enhanced password reset logging with normalization and masking of email addresses.
- Created a new diagnostics endpoint for password reset attempts, including filtering and summarizing logs.
- Introduced a new utility for managing password reset logs with retention policies.
- Added tests for password reset log utilities to ensure proper functionality and privacy compliance.
- Updated WebAuthn configuration tests to validate origin handling for production and allowed origins.
This commit deletes several files related to Passkey functionality, including CORS_TEST_ANLEITUNG.md, CROSS_DEVICE_DEBUG.md, CROSS_DEVICE_PROBLEM_ZUSAMMENFASSUNG.md, SMARTPHONE_TEST_ANLEITUNG.md, test-cors.html, test-smartphone.html, and Vue components for Passkey registration and recovery. These removals are part of a broader effort to streamline the codebase and focus on core authentication methods while Passkey support is under review.
Update the CORS header variable name from 'origin' to 'requestOrigin' in both login and registration API endpoints for improved clarity and consistency. This change enhances the readability of the code while maintaining support for cross-device authentication.
Enhance authentication options in the server API by adding CORS headers to support cross-device authentication. Implement handling for preflight OPTIONS requests and increase timeout for registration and authentication processes to 5 minutes, improving user experience and compatibility across devices.
