Skip to content

feat(auth): add JWT login endpoint with CQRS#1

Merged
thlaure merged 8 commits into
masterfrom
feat/login
Feb 15, 2026
Merged

feat(auth): add JWT login endpoint with CQRS#1
thlaure merged 8 commits into
masterfrom
feat/login

Conversation

@thlaure

@thlaure thlaure commented Feb 14, 2026

Copy link
Copy Markdown
Owner

Summary

  • Add JWT-based authentication using Lexik JWT Authentication Bundle
  • Implement login endpoint (POST /api/login) following CQRS and Hexagonal Architecture
  • Include User entity, migration, Doctrine repository, security configuration, and data fixtures
  • Add unit tests for the LoginHandler

Test plan

  • Run make quality (lint, analyse, rector)
  • Run make tests-unit to verify LoginHandler tests pass
  • Test POST /api/login with valid credentials returns a JWT token
  • Test POST /api/login with invalid credentials returns 401
  • Verify JWT keys are generated (php bin/console lexik:jwt:generate-keypair)

🤖 Generated with Claude Code

Thomas Laure and others added 8 commits February 14, 2026 14:30
Add user authentication with Lexik JWT bundle:
User entity, login command/handler, Doctrine
repository, security config, and migration.
Includes unit tests for the login handler.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add unit tests for LoginInput DTO validation and all
10 previously untested Domain handlers (Category, Feed,
Article, Bookmark). Add Behat acceptance tests for the
login endpoint (7 scenarios). Update existing features
to authenticate via JWT. Configure GrumPHP with PHPUnit,
Behat and Rector. Add CI coverage threshold (80%) and
Behat step. Domain coverage now at 93%.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Mark all handler tests and Behat features as Done.
Add Auth domain section to roadmap. Add JWT auth,
Behat, coverage, and GrumPHP sections to testing
guide.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace real passphrase with placeholder in tracked
.env file. Actual value lives in gitignored .env.local.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The CI had no JWT key pair, causing all authenticated
Behat scenarios to fail with JWTEncodeFailureException.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add JWT authentication layer to the frontend with
login page, auth context, protected routes, and
automatic Bearer token injection via axios
interceptor.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add POST /api/v1/auth/register with CQRS pattern,
email uniqueness check (409), validation (422),
frontend registration form, and full test coverage.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Block login until email is verified. After registration,
an HMAC-signed verification link is sent via async email.
Adds verify-email and resend-verification endpoints,
Mailpit for local dev, and frontend verification pages.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@thlaure thlaure merged commit c705538 into master Feb 15, 2026
4 checks passed
@thlaure thlaure deleted the feat/login branch February 15, 2026 17:00
thlaure added a commit that referenced this pull request Mar 14, 2026
feat(auth): add JWT login endpoint with CQRS
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant