Implement Garmin token management endpoints (P2.2, P2.3)

Added three Garmin API endpoints for token management:

- POST /api/garmin/tokens: Accepts oauth1, oauth2, expires_at;
  encrypts tokens using AES-256-GCM; stores in user record;
  returns daysUntilExpiry

- DELETE /api/garmin/tokens: Clears encrypted tokens from user
  record and sets garminConnected to false

- GET /api/garmin/status: Returns connection status, days until
  expiry, expired flag, and warning level (critical ≤7 days,
  warning 8-14 days)

All endpoints use withAuth() middleware for authentication.
Added 26 tests covering encryption, validation, auth, and
warning level thresholds.

Also added pb_data/ to .gitignore for PocketBase data.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

This commit is contained in:

Petru

2026-01-10 19:45:16 +00:00

parent 24b7c0fd3e

commit 0fc25a49f1

6 changed files with 832 additions and 23 deletions

3

.gitignore vendored

View File

@@ -24,6 +24,9 @@
 .DS_Store
 *.pem
 # pocketbase
 pb_data/
 # debug
 npm-debug.log*
 yarn-debug.log*

Implement Garmin token management endpoints (P2.2, P2.3)

3 .gitignore vendored Unescape Escape View File

3

.gitignore vendored

View File