- Remove kSecAttrAccessGroup from KeychainService (requires entitlement
  that keeps getting stripped by Xcode)
- Basic Keychain works without accessGroup for the main app
- Fix health credentials migration check — use KeychainService.load directly
- Tokens now persist correctly between app launches

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

- Add KeychainService for encrypted token storage (auth, refresh, health JWT, API key)
- Remove hardcoded email/password from HealthAPIService, store in Keychain
- Move all tokens from UserDefaults to Keychain
- API key sent via X-API-Key header instead of URL query parameter
- Replace force unwrap URL(string:)! with guard let + throws
- Fix force unwrap Calendar.date() in HealthKitService
- Mark HealthKitService @MainActor for thread-safe @Published
- Use withTaskGroup for parallel habit log fetching in TrackerView
- Check notification permission before scheduling reminders
- Add input validation (title max 200 chars)
- Add privacy policy and terms links in Settings
- Update CLAUDE.md with security section

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>