StarPunk

phil/StarPunk

Fork 0

Commit Graph

Author	SHA1	Message	Date
Phil Skentelbery	2eaf67279d	docs: Standardize all IndieAuth spec references to W3C URL - Updated 42 references from indieauth.spec.indieweb.org to www.w3.org/TR/indieauth - Ensures consistency across all documentation - Points to the authoritative W3C specification - No functional changes, documentation update only Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>	2025-11-24 11:54:04 -07:00
Phil Skentelbery	800bc1069d	docs: Update architecture overview to reflect v0.9.5 implementation Comprehensively updated docs/architecture/overview.md to document the actual v0.9.5 implementation instead of aspirational V1 features. Major Changes: 1. Executive Summary - Added version tag (v0.9.5) and status (Pre-V1 Release) - Updated tech stack: Python 3.11, uv, Gunicorn, Gitea Actions - Added deployment context (container-based, CI/CD) 2. Route Documentation - Public routes: Documented actual routes (/, /note/<slug>, /feed.xml, /health) - Admin routes: Updated from /admin/* to /auth/* (v0.9.2 change) - Added development routes (/dev/login) - Clearly marked implemented vs. planned routes 3. API Layer Reality Check - Notes API: Marked as NOT IMPLEMENTED (optional, deferred to V2) - Micropub endpoint: Marked as NOT IMPLEMENTED (critical V1 blocker) - RSS feed: Marked as IMPLEMENTED with full feature list (v0.6.0) 4. Authentication Flow Updates - Documented PKCE implementation (v0.8.0) - Updated IndieLogin flow to use /authorize endpoint (v0.9.4) - Added trailing slash normalization (v0.9.1) - Documented session token hashing (SHA-256) - Updated cookie name (starpunk_session, v0.5.1) - Corrected code verification endpoint usage 5. Database Schema - Added schema_migrations table (v0.9.0) - Added code_verifier to auth_state (v0.8.0) - Documented automatic migration system - Added session metadata fields (user_agent, ip_address) - Updated indexes for performance 6. Container Deployment (NEW) - Multi-stage Containerfile documentation - Gunicorn WSGI server configuration - Health check endpoint - CI/CD pipeline (Gitea Actions) - Volume persistence strategy 7. Implementation Status Section (NEW) - Comprehensive list of implemented features (v0.3.0-v0.9.5) - Clear documentation of unimplemented features - Micropub marked as critical V1 blocker - Standards validation status (partial) 8. Success Metrics - Updated with actual achievements - 70% complete toward V1 - Container deployment working - Automated migrations implemented Security documentation now accurately reflects PKCE implementation, session token hashing, and correct IndieLogin.com API usage. All route tables, data flow diagrams, and examples updated to match v0.9.5 codebase reality. Related: Architect validation report identified need to update architecture docs to reflect actual implementation vs. planned features.	2025-11-24 11:03:44 -07:00
Phil Skentelbery	a68fd570c7	that initial commit	2025-11-18 19:21:31 -07:00

Author

SHA1

Message

Date

Phil Skentelbery

2eaf67279d

docs: Standardize all IndieAuth spec references to W3C URL

- Updated 42 references from indieauth.spec.indieweb.org to www.w3.org/TR/indieauth
- Ensures consistency across all documentation
- Points to the authoritative W3C specification
- No functional changes, documentation update only

Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>

2025-11-24 11:54:04 -07:00

Phil Skentelbery

800bc1069d

docs: Update architecture overview to reflect v0.9.5 implementation

Comprehensively updated docs/architecture/overview.md to document the
actual v0.9.5 implementation instead of aspirational V1 features.

Major Changes:

1. Executive Summary
   - Added version tag (v0.9.5) and status (Pre-V1 Release)
   - Updated tech stack: Python 3.11, uv, Gunicorn, Gitea Actions
   - Added deployment context (container-based, CI/CD)

2. Route Documentation
   - Public routes: Documented actual routes (/, /note/<slug>, /feed.xml, /health)
   - Admin routes: Updated from /admin/* to /auth/* (v0.9.2 change)
   - Added development routes (/dev/login)
   - Clearly marked implemented vs. planned routes

3. API Layer Reality Check
   - Notes API: Marked as NOT IMPLEMENTED (optional, deferred to V2)
   - Micropub endpoint: Marked as NOT IMPLEMENTED (critical V1 blocker)
   - RSS feed: Marked as IMPLEMENTED with full feature list (v0.6.0)

4. Authentication Flow Updates
   - Documented PKCE implementation (v0.8.0)
   - Updated IndieLogin flow to use /authorize endpoint (v0.9.4)
   - Added trailing slash normalization (v0.9.1)
   - Documented session token hashing (SHA-256)
   - Updated cookie name (starpunk_session, v0.5.1)
   - Corrected code verification endpoint usage

5. Database Schema
   - Added schema_migrations table (v0.9.0)
   - Added code_verifier to auth_state (v0.8.0)
   - Documented automatic migration system
   - Added session metadata fields (user_agent, ip_address)
   - Updated indexes for performance

6. Container Deployment (NEW)
   - Multi-stage Containerfile documentation
   - Gunicorn WSGI server configuration
   - Health check endpoint
   - CI/CD pipeline (Gitea Actions)
   - Volume persistence strategy

7. Implementation Status Section (NEW)
   - Comprehensive list of implemented features (v0.3.0-v0.9.5)
   - Clear documentation of unimplemented features
   - Micropub marked as critical V1 blocker
   - Standards validation status (partial)

8. Success Metrics
   - Updated with actual achievements
   - 70% complete toward V1
   - Container deployment working
   - Automated migrations implemented

Security documentation now accurately reflects PKCE implementation,
session token hashing, and correct IndieLogin.com API usage.

All route tables, data flow diagrams, and examples updated to match
v0.9.5 codebase reality.

Related: Architect validation report identified need to update
architecture docs to reflect actual implementation vs. planned features.

2025-11-24 11:03:44 -07:00

Phil Skentelbery

a68fd570c7

that initial commit

2025-11-18 19:21:31 -07:00

3 Commits