p0-authjs-phase-c-hardening

done · type/backlog · priority/p0 · topic/auth · topic/migration · topic/integrations

p0 · Auth.js migration · Phase C · Integration API redesign

TL;DR

Per-user integration API keys (pfn_live_*, sha256 at rest, create/list/revoke UI) shipped (01d9ac3). H1/H2/M2/M5/tests deferred to Phase D.

Status: done (2026-05-19, commit 01d9ac3) · Severity: HIGH · Source: [[Projects/personal-finance-notion/decisions/adr-2026-05-18-authjs-migration|ADR 2026-05-18]]

Scope note (2026-05-19): Phase C as originally planned bundled five workstreams (integration API + H1 CSP + H2 timing + M2 role + M5 logger + test rewrite). Operator decision on 2026-05-19 was to ship the integration API redesign on its own — deferring the rest to [[Projects/personal-finance-notion/backlog/done/p0-authjs-phase-d-pre-launch-hardening|Phase D]] (done 2026-05-24).

See [[Projects/personal-finance-notion/changelog/2026-05-19-integration-api-keys|changelog entry]] for full shipped summary.

What shipped (this note)

  • IntegrationKey model — sha256-hashed per-user keys with label, scopes, expiry, revocation, last-used tracking
  • requireIntegrationUser() rewritten — Bearer → sha256 → lookup; rejects missing/revoked/expired; fire-and-forget lastUsedAt bump
  • createIntegrationKey / listIntegrationKeys / revokeIntegrationKey server actions
  • IntegrationKeysSection UI inline on /config/user — create/list/revoke + one-time reveal
  • Legacy PREFIX + User._id scheme removed; getIntegrationBearerPreview action deleted; INTEGRATION_API_TOKEN_PREFIX env var dropped
  • AI agent docs updated to point to the new flow
  • requireIntegrationUser.test.ts rewritten — 8 tests green
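
The create, verify and revoke path listed above, as an added TypeScript sketch; it is not the project's code. The record field names, the in-memory Map standing in for the database, the hex key body after pfn_live_ and the null-on-failure return are assumptions.

```typescript
import { createHash, randomBytes } from "node:crypto";

// Field names are assumptions drawn from the note's description of the model.
interface IntegrationKey {
  id: string; userId: string; label: string; scopes: string[];
  keyHash: string;               // sha256 hex of the key; plaintext is never stored
  expiresAt: Date | null; revokedAt: Date | null; lastUsedAt: Date | null;
}
type IntegrationUser = { userId: string; scopes: string[] };

const KEY_PREFIX = "pfn_live_";
const keysByHash = new Map<string, IntegrationKey>(); // in-memory stand-in for the database

const sha256Hex = (value: string): string =>
  createHash("sha256").update(value).digest("hex");

// Returns the plaintext once (the one-time reveal); only the hash is persisted.
function createIntegrationKey(userId: string, label: string, scopes: string[],
                              expiresAt: Date | null = null): { id: string; plaintext: string } {
  const plaintext = KEY_PREFIX + randomBytes(32).toString("hex"); // 256-bit random secret
  const id = randomBytes(8).toString("hex");
  const keyHash = sha256Hex(plaintext);
  keysByHash.set(keyHash, { id, userId, label, scopes, keyHash, expiresAt,
                            revokedAt: null, lastUsedAt: null });
  return { id, plaintext };
}

// Revocation is scoped to the owning user, so one user cannot revoke another's key.
function revokeIntegrationKey(userId: string, id: string, now: Date = new Date()): boolean {
  let revoked = false;
  keysByHash.forEach((key) => {
    if (key.id === id && key.userId === userId && !key.revokedAt) {
      key.revokedAt = now;
      revoked = true;
    }
  });
  return revoked;
}

// Bearer -> sha256 -> lookup. Every failure returns null so callers send one uniform 401.
function requireIntegrationUser(authorization: string | undefined,
                                now: Date = new Date()): IntegrationUser | null {
  const scheme = "Bearer " + KEY_PREFIX;
  if (!authorization || !authorization.startsWith(scheme)) return null; // missing or malformed
  const key = keysByHash.get(sha256Hex(authorization.slice("Bearer ".length)));
  if (!key || key.revokedAt) return null;                               // unknown or revoked
  if (key.expiresAt && key.expiresAt.getTime() <= now.getTime()) return null; // expired
  key.lastUsedAt = now; // synchronous here; the note describes a fire-and-forget write
  return { userId: key.userId, scopes: key.scopes };
}
```

Because the key body is 256 bits of random data, an unsalted sha256 is enough to make the stored value useless for recovering the key, and the hash doubles as the lookup index.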

Deferred to Phase D (now done)

See [[Projects/personal-finance-notion/backlog/done/p0-authjs-phase-d-pre-launch-hardening|Phase D]].

Related

  • [[Projects/personal-finance-notion/backlog/done/p0-authjs-phase-d-pre-launch-hardening|Phase D · Pre-launch hardening]]
  • [[Projects/personal-finance-notion/backlog/p2-auth-backlog-low|L1 (now done)]]
  • [[Projects/personal-finance-notion/personal-finance-notion|MOC]]