머니페니 98a161574e security: migrate JWT from localStorage to httpOnly cookie ...

Eliminates XSS token theft by storing JWT in httpOnly Secure cookie
instead of localStorage. Backend sets cookie on login and clears on
logout. Token extraction uses cookie-first with Authorization header
fallback for backward compatibility with existing tests.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-18 22:30:47 +09:00

..

alembic

perf: add DB performance indexes and fix N+1 query in backtest listing

2026-03-18 22:20:29 +09:00

app

security: migrate JWT from localStorage to httpOnly cookie

2026-03-18 22:30:47 +09:00

jobs

feat: wire KJB into backtest worker, add Signal API, add scheduler job

2026-02-19 15:16:13 +09:00

scripts

fix: use actual invested amounts for avg_price in seed data

2026-02-18 22:01:01 +09:00

tests

feat: add DC pension ETF-only filter to strategy API

2026-03-18 20:57:47 +09:00

.dockerignore

fix: add dockerignore files and fix docker-compose config

2026-02-02 23:10:01 +09:00

alembic.ini

feat: add Alembic migration setup with initial tables

2026-02-02 23:18:13 +09:00

Dockerfile

chore: 오류 수정, 실행 시 alembic 적용

2026-02-07 10:25:14 +09:00

pyproject.toml

chore: upgrade dependencies to latest compatible versions

2026-02-07 11:12:16 +09:00

requirements.txt

chore: upgrade dependencies to latest compatible versions

2026-02-07 11:12:16 +09:00

uv.lock

chore: upgrade dependencies to latest compatible versions

2026-02-07 11:12:16 +09:00