forked from git.gladyson/openmonetis
2d62fd0302
Changed all API endpoints to validate os_xxx tokens via SHA-256 hash lookup in the database instead of expecting JWT format. This allows tokens generated in the settings page (Ajustes → Dispositivos) to work correctly with the Android app. - /api/auth/device/verify: validates os_xxx tokens via hash - /api/inbox: uses hash-based auth - /api/inbox/batch: uses hash-based auth - No token expiration (tokens valid until revoked) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>