Skip to content

Releases: vhscom/private-landing

Private Landing v1.0.0-alpha.2

23 Jan 23:26
@vhscom vhscom
1.0.0-alpha.2
1afef5c
This commit was signed with the committer’s verified signature.
vhscom Josh Habdas
GPG key ID: E7788EBA96876C6A
Learn about vigilant mode.
Compare
Choose a tag to compare
Private Landing v1.0.0-alpha.2 Pre-release
Pre-release

Edge-optimized authentication with complete session lifecycle.

Core Features

Authentication System

  • Complete session termination with database cleanup
  • Cross-domain cookie handling with security defaults
  • Security header optimizations:
    • Content Security Policy (CSP)
    • Cross-Origin protections
    • Frame and resource controls

API Foundation

  • Test suite with Vitest and Cloudflare Workers
  • Database seeding for development
  • Optimized edge performance
  • Type-safe implementations

Developer Experience

  • Test coverage for auth flows
  • Database setup scripts
  • Local environment tooling
  • Streamlined project structure

Technical Details

  • Database-backed session invalidation
  • Domain-aware cookie configuration
  • Cross-origin security defaults
  • Auth flow test coverage

Getting Started

See the README for:

  • Installation steps
  • Database setup
  • Environment configuration
  • Development workflow

Note

Completes authentication lifecycle with secure logout. See ADR-001 for implementation details.

Assets 2
Loading

Private Landing v1.0.0-alpha.1

10 Jan 02:00
@vhscom vhscom
1.0.0-alpha.1
a9008b4
This commit was signed with the committer’s verified signature.
vhscom Josh Habdas
GPG key ID: E7788EBA96876C6A
Learn about vigilant mode.
Compare
Choose a tag to compare
Private Landing v1.0.0-alpha.1 Pre-release
Pre-release

Initial alpha release establishing a foundation for building authenticated APIs using Cloudflare Workers, Hono, and Turso. This release implements core authentication features following NIST guidelines and security best practices.

Core Features

Authentication System

  • NIST-compliant password storage using PBKDF2-SHA384
  • Hybrid JWT + session-based authentication
  • Secure session tracking with nanoid-generated IDs
  • Automatic token refresh handling
  • HTTP-only secure cookies with SameSite protection

API Foundation

  • Edge-optimized with Cloudflare Workers
  • Hono-based REST API framework
  • Turso SQLite database integration
  • TypeScript throughout

Developer Experience

  • Database management scripts
  • Local development environment
  • Comprehensive documentation
  • Type-safe implementations

Technical Details

  • Access tokens: 15-minute lifetime
  • Refresh tokens: 7-day lifetime
  • Session management with device tracking
  • Database-backed session validation
  • Configurable security parameters

Getting Started

See the README for:

  • Prerequisites and installation
  • Database setup instructions
  • Environment configuration
  • Development workflow

Note

This alpha release focuses on establishing a secure authentication foundation. Some planned security enhancements (rate limiting, token rotation, advanced session management) will be rolled out in upcoming releases.

Feedback and contributions are welcome, especially regarding the authentication implementation and security features.

Assets 2
Loading