bincio-activity

brut/bincio-activity

Fork 0

Commit Graph

Author	SHA1	Message	Date
Davide Scaini	f003fdd89f	garmin sync first attempt	2026-04-12 15:36:21 +02:00
Davide Scaini	6c431e8821	Here's what was built and why each decision was made: Key at data_dir.parent/.garmin_key — nginx serves location /data/ { alias /var/bincio/data/; } so anything inside that dir is reachable. The key lives one level up at /var/bincio/.garmin_key, outside nginx's reach. Two-layer storage — garmin_creds.json holds the encrypted email+password (needed for re-login when tokens expire); garmin_session/ holds the garth OAuth tokens in plain JSON (short-lived, not the user's actual password). test_login() — called by the connect endpoint before saving anything, so credentials are only persisted if they actually work. get_client() — tries the session first (fast, no network), falls back to full re-login transparently. The caller never needs to think about whether the session is fresh.	2026-04-12 15:12:20 +02:00

Author

SHA1

Message

Date

Davide Scaini

f003fdd89f

garmin sync first attempt

2026-04-12 15:36:21 +02:00

Davide Scaini

6c431e8821

Here's what was built and why each decision was made:

Key at data_dir.parent/.garmin_key — nginx serves location /data/ { alias /var/bincio/data/; } so
  anything inside that dir is reachable. The key lives one level up at /var/bincio/.garmin_key,
  outside nginx's reach.

  Two-layer storage — garmin_creds.json holds the encrypted email+password (needed for re-login when
  tokens expire); garmin_session/ holds the garth OAuth tokens in plain JSON (short-lived, not the
  user's actual password).

  test_login() — called by the connect endpoint before saving anything, so credentials are only
  persisted if they actually work.

  get_client() — tries the session first (fast, no network), falls back to full re-login
  transparently. The caller never needs to think about whether the session is fresh.

2026-04-12 15:12:20 +02:00

2 Commits