cs_betty/api
1
0
Fork 0
forked from cartsnitch/api
Code Pull Requests 2 Activity
Files
a73c26ab63b3947673b6a4a5a2a4ab0b49359ced
api/tests/test_auth
T
History
Barcode Betty 30e4c69ff6 fix(api): revert SHA-256 session token hashing — better-auth stores raw tokens 
Better-auth v1.5.6 stores raw 32-char tokens in sessions.token, not SHA-256
hashes. The SHA-256 fix from PR #136 causes all authenticated API calls to
return 401 because the UAT sessions table contains raw tokens.

- Remove hashlib from dependencies.py; compare tokens directly
- Remove hashlib from conftest.py; store raw tokens in test DB
- Remove hashlib from test_expired_session_rejected; use raw tokens

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-04 19:21:26 +00:00
..
__init__.py
feat: merge cartsnitch/api into api/ subdirectory
2026-03-28 02:24:02 +00:00
test_auth_endpoints.py
fix(api): revert SHA-256 session token hashing — better-auth stores raw tokens
2026-04-04 19:21:26 +00:00