Files
Termix/src/backend/utils
LukeGus a2f6c90eae feat(auth): non-destructive password resets and admin reset endpoint
Password resets no longer destroy user data: the DEK is system-wrapped, so
forgot-password and admin resets are just a hash update plus session revoke.
The wipe branch survives only for accounts that never logged in since the
encryption upgrade and now requires explicit confirmDataWipe (surfaced as a
409 DATA_WIPE_REQUIRED; the reset UI asks for confirmation). Adds
POST /users/admin/reset-password and removes the dead re-encryption paths.
2026-07-16 00:36:14 -05:00
..
2026-06-29 13:28:26 -05:00
2026-05-06 15:12:07 -05:00
2026-05-06 15:12:07 -05:00
2026-06-04 14:16:53 -05:00
2026-05-06 15:12:07 -05:00
2026-03-08 18:02:14 -05:00
2026-06-04 14:16:53 -05:00
2026-06-29 13:28:26 -05:00
2026-06-29 13:28:26 -05:00
2026-06-29 13:28:26 -05:00
2026-06-04 14:16:53 -05:00
2026-01-24 19:49:42 -06:00
2026-07-15 14:55:27 +08:00
2026-04-22 16:55:23 -05:00
2026-06-04 14:16:53 -05:00
2026-05-06 15:12:07 -05:00
2026-06-04 14:16:53 -05:00
2026-07-15 14:55:27 +08:00
2026-03-08 18:02:14 -05:00
2026-06-21 15:55:41 -05:00
2026-06-29 13:28:26 -05:00
2026-06-29 13:28:26 -05:00
2026-06-04 14:16:53 -05:00
2026-05-06 15:12:07 -05:00
2026-06-21 15:55:41 -05:00
2026-06-21 15:55:41 -05:00