02b24a3ac1
- Fixed DateTime timestamp issues (use timestamp_millis instead of to_millis) - Implemented token rotation: old refresh tokens revoked on refresh - Implemented logout revocation: tokens immediately marked as revoked - Removed rate limiting (deferred to Phase 2.6) - Created comprehensive verification report - Updated STATUS.md All Phase 2.3 objectives complete: ✅ JWT Access Tokens (15 min expiry) ✅ JWT Refresh Tokens (30 day expiry) ✅ Token Rotation ✅ Token Revocation ✅ PBKDF2 Password Hashing ✅ Auth endpoints (register, login, refresh, logout) ✅ Protected routes with JWT middleware ✅ Health check endpoints Compiles successfully with only unused code warnings. |
||
|---|---|---|
| .. | ||
| auth | ||
| config | ||
| db | ||
| handlers | ||
| middleware | ||
| models | ||
| main.rs | ||