Skip to content

fix: key chat history by stable user ID instead of JWT token#61

Merged
agarg5 merged 1 commit intomainfrom
feature/fix-chat-history-key
Feb 28, 2026
Merged

fix: key chat history by stable user ID instead of JWT token#61
agarg5 merged 1 commit intomainfrom
feature/fix-chat-history-key

Conversation

@agarg5
Copy link
Owner

@agarg5 agarg5 commented Feb 28, 2026

Summary

  • Chat history was keyed by SHA256(jwt_token), but Ghostfolio issues a new JWT on every login/refresh, causing users to lose their conversation
  • Now decodes the JWT payload to extract the stable id field and keys by SHA256(user_id) instead
  • Applied the same fix to the /chat, /chat/history GET, and /chat/history DELETE endpoints in main.py

Test plan

  • All 18 chat history unit tests pass (6 new tests added)
  • Manual test: open chat on Railway, send a message, refresh browser, verify same conversation appears
  • Verify eval session_id override still works (non-JWT strings fall back gracefully)

🤖 Generated with Claude Code

@claude
fix: key chat history by stable user ID instead of JWT token
8c8cb23 
Ghostfolio issues a new JWT on every login (including browser refresh),
so keying chat history by SHA256(token) caused users to lose their
conversation on refresh. Now we decode the JWT payload to extract the
stable `id` field and key by SHA256(user_id) instead.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@agarg5
Copy link
Owner Author

agarg5 commented Feb 28, 2026

Code review

No issues found. Tests passing. Checked for bugs, regressions, and CLAUDE.md compliance.

🤖 Generated with Claude Code

@agarg5 agarg5 merged commit ba74a74 into main Feb 28, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@agarg5