Commit Graph

1 Commits

Author: davide
SHA1: fcfa0707a1
Date: 2026-05-19 10:10:24 +02:00
Message:

fix(security): replace localStorage user state with server-side session

- Add GET /api/auth/me endpoint returning current user from httpOnly cookie
- Add UserContext + useUser() hook that fetches from /api/auth/me on mount
- Wrap root layout with UserProvider
- Remove all localStorage.setItem/getItem('user') calls from login, register,
  navbar, account pages, change-password, and checkout
- mustChangePassword redirect now reads from refreshed server session