siftlode/backend/app
npeter83 fa0d0bceaf fix(auth): preserve OAuth scopes across re-login + accurate multi-admin request emails
Two user-reported signin bugs:

1) A plain re-login (or logout→login) wiped the user's YouTube grant: login requests
   only BASE_SCOPES and Google's returned `scope` can list just those, but _store_token
   wrote it verbatim — dropping a previously-granted youtube.readonly/youtube scope, so
   can_read flipped to false and the feed demanded a reconnect. The underlying grant
   (refresh token) survives such a login, so UNION the scopes instead of narrowing; they
   only shrink on full disconnect (purge deletes the token row).

2) Admin 'new access request' email: (a) it named the wrong menu ('Settings → Account'
   instead of Users → Access requests); (b) the requester address was invisible so the
   'reply reaches them' note looked wrong (Reply-To is in fact set to the requester) —
   now spelled out + a deep-link straight to the approve view (?admin=access-requests,
   handled in App); (c) it emailed only the static env ADMIN_EMAILS — now notifies the
   ACTUAL admins (active role=admin users) unioned with env, so a UI-promoted admin (who
   CAN approve — the approve UI is role-gated) is notified too.
2026-07-12 04:34:07 +02:00
..
downloads Merge branch 'dev' into chore/code-hygiene 2026-07-11 16:22:39 +02:00
plex Plex backend pass (#9): watch_sync bugs + backend dedup 2026-07-11 23:48:35 +02:00
routes chore(auth): drop now-dead session guard in messages_ws epoch read 2026-07-12 04:17:02 +02:00
static chore: rebrand Subfeed -> Siftlode 2026-06-14 04:40:22 +02:00
sync chore(hygiene): Phase 4 guardrails — noUnusedLocals/Parameters + dead-code sweep 2026-07-12 02:15:52 +02:00
youtube fix(auth): security hardening — token encryption, timing, adoption + isolation 2026-07-11 21:26:39 +02:00
__init__.py feat: M1 foundation — compose stack, FastAPI, Google OAuth, encrypted tokens 2026-06-11 01:01:37 +02:00
auth.py fix(auth): preserve OAuth scopes across re-login + accurate multi-admin request emails 2026-07-12 04:34:07 +02:00
config.py feat(auth): SA3 — trusted-proxy X-Forwarded-For for rate limiting 2026-07-12 03:42:41 +02:00
db.py fix(plex): image proxy no longer exhausts the DB connection pool 2026-07-06 07:14:28 +02:00
email.py fix(auth): preserve OAuth scopes across re-login + accurate multi-admin request emails 2026-07-12 04:34:07 +02:00
main.py feat(share): rich link previews (Open Graph) for /watch pages 2026-07-07 20:19:30 +02:00
models.py feat(auth): SA4 — server-side session revocation via per-user session epoch 2026-07-12 03:00:16 +02:00
notifications.py feat(notifications): durable per-user inbox (P1) + maintenance schema 2026-06-18 03:20:17 +02:00
progress.py feat(scheduler): admin run-now/run-all triggers + live progress + completion notices 2026-06-18 04:01:10 +02:00
quota.py feat(channels): channel-explore backend — about metadata, ephemeral provenance, cleanup 2026-06-30 02:52:44 +02:00
ratelimit.py feat(demo): demo-account schema + reusable rate limiter 2026-06-16 09:17:14 +02:00
realtime.py feat(messages): end-to-end encrypted real-time direct messaging backend 2026-06-25 22:05:35 +02:00
scheduler.py chore(scheduler): dedup token-user query + drop pointless rss lambda 2026-07-11 19:44:53 +02:00
security.py fix(auth): security hardening — token encryption, timing, adoption + isolation 2026-07-11 21:26:39 +02:00
state.py refactor(auth): centralize token hashing, email validation & admin gating 2026-06-26 03:15:36 +02:00
sysconfig.py feat(plex): Phase A — one-time Plex→Siftlode watch-state import 2026-07-09 14:42:18 +02:00
titles.py feat(titles): normalize video titles for display (feed, search, downloads) 2026-07-03 03:00:08 +02:00
utils.py refactor(auth): centralize token hashing, email validation & admin gating 2026-06-26 03:15:36 +02:00
worker.py fix(config): honor DB-overridable download layout + retention (env-vs-DB drift) 2026-07-11 19:44:53 +02:00