Ryan Walters 67c9460c84 refactor(auth): implement session-based PKCE and eliminate provider duplication ...

- Replace in-memory PKCE storage with encrypted session cookies
- Add PKCE verifier and CSRF state fields to JWT Claims struct
- Move common PKCE validation logic to OAuthProvider trait
- Extract provider-specific methods for token exchange and user fetching
- Remove PkceManager and DashMap-based storage system
- Update GitHub and Discord providers to use new session-based approach

2025-09-19 10:23:33 -05:00

4.0 KiB

Raw Blame History

View Raw