Skip to content

Add account profile password change flow#59

Merged
TheSilkky merged 2 commits into
developfrom
issue-47-account-profile-password-change
Jun 5, 2026
Merged

Add account profile password change flow#59
TheSilkky merged 2 commits into
developfrom
issue-47-account-profile-password-change

Conversation

@TheSilkky

@TheSilkky TheSilkky commented Jun 5, 2026

Copy link
Copy Markdown
Member

Summary

  • Add an authenticated account profile route with safe account metadata from GET /v1/account.
  • Add a password-change form backed by POST /v1/account/password, with fixed safe error messages and explicit success-session wording.
  • Refresh session account metadata after successful password change while keeping the current session active.
  • Add profile navigation from the app shell and account menu.
  • Update docs and tests for the implemented account profile/password flow.

Validation

  • npm run typecheck
  • npm run lint
  • npm run test
  • npm run build
  • npm run test:e2e
  • git diff --check

Security and Scope

  • Frontend-only change; no backend implementation or deployment configuration changes.
  • Uses documented account routes only: GET /v1/account and POST /v1/account/password.
  • Passwords and request bodies are not logged, displayed, copied into route text, or persisted in session storage.
  • No browser decryption, key unwrapping, recording, notification, emergency-response, admin-route, OAuth, JWT, billing, or password-reset-by-email behavior added.
  • Password-change success keeps this browser session active and relies on the server to revoke other account sessions.

Closes #47

@TheSilkky

TheSilkky commented Jun 5, 2026

Copy link
Copy Markdown
Member Author

@codex review

Please review this PR for correctness, security, scope control, tests, and
consistency with README.md, AGENTS.md, SECURITY.md, and relevant docs.

Focus on frontend route behavior, API client assumptions against
open-proofline/server, token handling, no secret logging, no browser decryption
or key unwrapping, Catalyst licensing boundaries, and validation results.

chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed Jun 5, 2026
View reviewed changes

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9faf2eb31b

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread src/routes/account.tsx Outdated
@TheSilkky TheSilkky marked this pull request as ready for review June 5, 2026 14:43
@TheSilkky TheSilkky merged commit a6c9519 into develop Jun 5, 2026
1 check passed
@TheSilkky TheSilkky deleted the issue-47-account-profile-password-change branch June 5, 2026 18:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add Account Profile Password Change Flow

1 participant

@TheSilkky