Logout now increments sessionVersion so existing JWTs are rejected
server-side, deletes orphaned DB sessions, and uses redirectTo for signOut.
Google OAuth requests account selection each time; optional AUTH_GOOGLE_PROMPT=login
forces Google re-authentication on shared devices.
Co-authored-by: Cursor <cursoragent@cursor.com>
Google OAuth was implemented locally but never deployed; the login button
only renders when AUTH_GOOGLE_ID and AUTH_GOOGLE_SECRET are set. Also
restores /api/ai/test-* endpoints removed by mistake and wires Google
credentials into deploy workflows.
Co-authored-by: Cursor <cursoragent@cursor.com>
- Remove BMAD framework, IDE configs, dev screenshots, test files,
internal docs, and backup files
- Rename keep-notes/ to memento-note/
- Update all references from keep-notes to memento-note
- Add Apache 2.0 license with Commons Clause (non-commercial restriction)
- Add clean .gitignore and .env.docker.example