senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2174 commits 37 branches 94 tags 1.5 GiB
Commit graph

27 commits

Author SHA1 Message Date
senke
b0a46040f1 feat(v0.12.6.2): enforce MFA for admin/moderator + align refresh token TTL to 7 days
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details 
TASK-SFIX-001: MFA enforcement for privileged roles
- Add RequireMFA() middleware, TwoFactorChecker interface, SetTwoFactorChecker()
- Apply to all 3 admin route groups (platform, moderation, core)
- Returns 403 "mfa_setup_required" if admin/moderator without 2FA
- Regular users bypass the check
- Ref: ORIGIN_SECURITY_FRAMEWORK.md Rule 5

TASK-SFIX-002: Refresh token TTL alignment
- jwt_service.go: RefreshTokenTTL 14d→7d, RememberMeRefreshTokenTTL 30d→7d
- handlers/auth.go: Cookie max-age and session expiresIn → 7d across
  Login, LoginWith2FA, Register, Refresh handlers
- middleware/auth.go: Session auto-refresh default 30d→7d
- Ref: ORIGIN_SECURITY_FRAMEWORK.md Rule 4

TASK-SFIX-003: 5 unit tests — all PASS
- TestRequireMFA_AdminWithoutMFA, TestRequireMFA_AdminWithMFA
- TestRequireMFA_RegularUserNotAffected
- TestRefreshTokenTTL_Is7Days, TestAccessTokenTTL_Is5Minutes

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 06:53:27 +01:00
senke
ba88086f20 feat(v0.10.2): Recherche fulltext Elasticsearch - F361-F365 
- Elasticsearch 8.x dans docker-compose.dev
- Package internal/elasticsearch: client, config, mappings, indices
- Sync PG→ES: reindex tracks/users/playlists, IndexTrack/DeleteTrack
- SearchService ES: multi_match + fuzziness (typo tolerance), highlighting
- Fallback gracieux: PostgreSQL si ELASTICSEARCH_URL absent
- Routes: GET /search, GET /search/suggestions, POST /admin/search/reindex
- Frontend: searchApi cursor/limit params (extensibilité)
- docs/ENV_VARIABLES: ELASTICSEARCH_URL, ELASTICSEARCH_INDEX, ELASTICSEARCH_AUTO_INDEX
- Roadmap v0.10.2 → DONE
 2026-03-09 10:13:18 +01:00
senke
7df866cd3f v0.9.7 beta 2026-03-06 18:58:37 +01:00
senke
99136948cb v0.9.7 2026-03-06 18:52:08 +01:00
senke
05446064ea v0.9.6 2026-03-06 10:29:30 +01:00
senke
cd974172cb v0.9.4 2026-03-05 23:03:43 +01:00
senke
2956b12645 v0.9.2 2026-03-05 19:27:34 +01:00
senke
8138723eca chore(release): v0.971 — Phantom (gamification removal, WebRTC Beta, limits doc) 2026-03-02 19:25:37 +01:00
senke
1b239d13ab chore(release): v0.941 — Cleanup (dead code, migrations dedup, deprecated routes) 2026-03-02 19:04:30 +01:00
senke
3edb10b567 feat(admin): feature flags CRUD with DB persistence 2026-02-25 19:56:24 +01:00
senke
d684c69439 feat(admin): global announcements CRUD and public banner endpoint 2026-02-25 19:55:21 +01:00
senke
2a9ca68763 feat(admin): maintenance mode middleware with 503 responses 2026-02-25 19:54:22 +01:00
senke
0d092466f1 feat(admin): moderation queue with reports CRUD 2026-02-25 19:53:04 +01:00
senke
93666a3390 feat(v0.703): Go Live & Streaming Complet 
- Backend: room creation for live streams, permissions CanJoin/CanSend/CanRead for stream rooms
- LiveViewChat: useLiveStreamChat hook, WebSocket connection, stream_id as room
- LiveViewPlayer: real-time viewer count via polling (5s)
- Media Session: seekbackward/seekforward handlers (10s step)
- GoLiveView.stories.tsx: Default, Loading, Error, StreamKeyVisible
- Docs: API_REFERENCE, CHANGELOG, PROJECT_STATE, FEATURE_STATUS, RETROSPECTIVE_V0703
- SCOPE_CONTROL, .cursorrules: update to v0.801
- Archive V0_703_RELEASE_SCOPE.md
 2026-02-25 09:35:22 +01:00
senke
022770ef9f feat(v0.701): AdminTransfers page/route, MSW, stories, Deep Health, API ref, docs, scope v0.702 
- Step 13: AdminTransfersPage, LazyAdminTransfers, route /admin/transfers
- Step 14: MSW handlers admin transfers
- Step 15: AdminTransfersView stories (Default, Empty, WithFailedTransfers, Error, Loading)
- Step 16-17: DeepHealth handler (disk, config), GET /health/deep
- Step 19: health_deep_test.go (4 tests)
- Step 20: docs/API_REFERENCE.md
- Step 21: Archive V0_604, MIGRATIONS.md migration 116
- Step 22: CHANGELOG, PROJECT_STATE, FEATURE_STATUS v0.701
- Step 23: RETROSPECTIVE_V0701, V0_702 placeholder, SCOPE_CONTROL, .cursorrules
- Step 24: Archive V0_701_RELEASE_SCOPE
- Fix: AdminTransfersView Select component (use options API)
 2026-02-23 23:42:02 +01:00
senke
7fed717c9b feat(routes): wire admin transfer endpoints in /admin group 2026-02-23 23:33:54 +01:00
senke
5258b9bf17 feat(streaming): trigger HLS transcoding after track upload 
INT-02: TrackService.copyFileAsync now calls StreamService.StartProcessing
after successful file copy. Wires the stream server integration into
all track route registrations.
 2026-02-22 17:52:39 +01:00
senke
51af2d073f feat(notifications): N1.1-N1.3 Web Push subscription, send on events, preferences 
- N1.1: POST /notifications/push/subscribe, PushService, migration 090
- N1.2: Send Web Push on follow/like/comment/message via CreateNotification
- N1.3: GET/PUT /notifications/preferences, migration 093
- Shared NotificationService with PushService for profile, track, comment handlers
- Fix MockSocialService GetGlobalFeed, GetTrendingHashtags for tests
 2026-02-21 16:41:39 +01:00
senke
99f60ebbaa feat(auth): enrich sessions page with history and revoke (A4) 2026-02-20 14:52:20 +01:00
senke
e11984898d chore: consolidate CI, E2E, backend and frontend updates 
- CI: workflows updates (cd, ci), remove playwright.yml
- E2E: global-setup, auth/playlists/profile specs
- Remove playwright-report and test-results artifacts from tracking
- Backend: auth, handlers, services, workers, migrations
- Frontend: components, features, vite config
- Add e2e-results.json to gitignore
- Docs: REMEDIATION_PROGRESS, audit archive
- Rust: chat-server, stream-server updates
 2026-02-17 16:43:21 +01:00
senke
838d61d2a0 fix(security): add rate limiting to POST /validate (A01) 2026-02-16 10:17:28 +01:00
senke
1bdff5410d fix(backend): disable pprof endpoints in production 
Conditionally register pprof routes only when APP_ENV is not production.
Prevents leaking sensitive runtime information via profiling endpoints.
Phase 1 audit - P1.5
 2026-02-15 15:55:18 +01:00
senke
8ab391dd73 fix(backend): replace panic/Fatal with graceful error when Redis down (audit 1.4, P0) 
- Add early validation in Setup() returning error if Redis nil in production
- Remove panic/Fatal from routes_core.go and router.go applyCSRFProtection
- Handle Setup() error in cmd/api/main.go and cmd/modern-server/main.go
- Mark audit item 1.4 as done
 2026-02-15 14:05:20 +01:00
senke
a08d9f109f feat(api): add PostgreSQL read replica support (3.7) 
- Add DATABASE_READ_URL config and InitReadReplica in database package
- Add ForRead() helper for read-only handler routing
- Update TrackService and TrackSearchService to use read replica for reads
- Document setup in DEPLOYMENT_GUIDE.md and .env.template
 2026-02-14 22:50:23 +01:00
senke
724064bdbf fix(api): add rate limiting on POST /api/v1/logs/frontend 2026-02-14 20:19:56 +01:00
senke
6677dc38d3 feat(migrations): add down migration scripts for rollback 2026-02-14 18:05:11 +01:00
senke
037692887f refactor(api): extract route setup functions into dedicated files 2026-02-14 18:04:37 +01:00