Expand OAuth documentation and roadmap details
- Updated `README.md` to include OAuth/Social Login (Google, GitHub) with PKCE support under Authentication section.
- Adjusted roadmap and status sections in documentation to reflect completed OAuth/social login implementation.
- Clarified future plans by replacing "Additional authentication methods (OAuth, SSO)" with "SSO/SAML authentication".
@@ -60,6 +60,7 @@ Default superuser (change in production):
|
||||
|
||||
### Authentication Flow
|
||||
- **JWT-based**: Access tokens (15 min) + refresh tokens (7 days)
|
||||
- **OAuth/Social Login**: Google and GitHub with PKCE support
|
||||
- **Session tracking**: Database-backed with device info, IP, user agent
|
||||
- **Token refresh**: Validates JTI in database, not just JWT signature
|
||||
- **Authorization**: FastAPI dependencies in `api/dependencies/auth.py`
|
||||
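Review bot: The new "OAuth/Social Login" bullet in the Authentication Flow list says only "with PKCE support", which does not tell a reader whether PKCE is required on every Google and GitHub authorization request or merely available. The neighbouring bullets are specific (token lifetimes, JTI validated in the database, `api/dependencies/auth.py`), so this one should state that PKCE is enforced if that is the case, say whether a social login ends in the same access/refresh token pair and database-backed session, and name the module that implements it.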
@@ -236,7 +237,7 @@ docker-compose exec backend python -c "from app.init_db import init_db; import a
|
||||
## Current Status (Nov 2025)
|
||||
|
||||
### Completed Features ✅
|
||||
- Authentication system (JWT with refresh tokens)
|
||||
- Authentication system (JWT with refresh tokens, OAuth/social login)
|
||||
- Session management (device tracking, revocation)
|
||||
- User management (CRUD, password change)
|
||||
- Organization system (multi-tenant with RBAC)
|
||||
@@ -257,7 +258,7 @@ docker-compose exec backend python -c "from app.init_db import init_db; import a
|
||||
### Planned 🔮
|
||||
- GitHub Actions CI/CD
|
||||
- Additional languages (Spanish, French, German, etc.)
|
||||
- Additional authentication methods (OAuth, SSO)
|
||||
- SSO/SAML authentication
|
||||
- Real-time notifications (WebSockets)
|
||||
- Webhook system
|
||||
- Background job processing
|
||||
|
||||
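Review bot: In the Planned list, "SSO/SAML authentication" is ambiguous about scope: it can be read as SAML being the only SSO protocol planned or as one example of it. The entry it replaces, "Additional authentication methods (OAuth, SSO)", was generic, so if OIDC-based SSO is also intended the item should say so explicitly, and if only SAML is planned, "SAML SSO" would be clearer.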
@@ -52,6 +52,7 @@ Whether you're building a SaaS, an internal tool, or a side project, PragmaStack
|
||||
|
||||
### 🔐 **Authentication & Security**
|
||||
- JWT-based authentication with access + refresh tokens
|
||||
- **OAuth/Social Login** (Google, GitHub) with PKCE support
|
||||
- Session management with device tracking and revocation
|
||||
- Password reset flow (email integration ready)
|
||||
- Secure password hashing (bcrypt)
|
||||
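Review bot: The "**OAuth/Social Login** (Google, GitHub) with PKCE support" bullet is the only item in the Authentication & Security list with bold emphasis; the JWT, session management, password reset and bcrypt bullets are plain. Drop the bold to match the list, or apply the same emphasis to the lead term of every bullet. If the README has a configuration section for the provider credentials, a link from this bullet would help readers who try to enable it.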
@@ -511,7 +512,7 @@ docker-compose down
|
||||
## 🛣️ Roadmap & Status
|
||||
|
||||
### ✅ Completed
|
||||
- [x] Authentication system (JWT, refresh tokens, session management)
|
||||
- [x] Authentication system (JWT, refresh tokens, session management, OAuth)
|
||||
- [x] User management (CRUD, profile, password change)
|
||||
- [x] Organization system with RBAC (Owner, Admin, Member)
|
||||
- [x] Admin panel (users, organizations, sessions, statistics)
|
||||
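Review bot: The completed item "Authentication system (JWT, refresh tokens, session management, OAuth)" names the feature as bare "OAuth", while the other lines touched by this commit call it "OAuth/social login" and "OAuth/Social Login (Google, GitHub)". Use one term throughout, preferably the one that names social login, so a reader does not take "OAuth" here to mean the project acts as an OAuth authorization server.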
@@ -539,7 +540,7 @@ docker-compose down
|
||||
- [ ] Dynamic test coverage badges from CI
|
||||
- [ ] E2E test coverage reporting
|
||||
- [ ] Additional languages (Spanish, French, German, etc.)
|
||||
- [ ] Additional authentication methods (OAuth, SSO)
|
||||
- [ ] SSO/SAML authentication
|
||||
- [ ] Real-time notifications with WebSockets
|
||||
- [ ] Webhook system
|
||||
- [ ] File upload/storage (S3-compatible)
|
||||
|
||||