senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
2199 commits 37 branches 94 tags 1.5 GiB
Commit graph

11 commits

Author SHA1 Message Date
senke
7b2f873736 feat: backend, stream server & infra improvements 
Backend (Go):
- Config: CORS, RabbitMQ, rate limit, main config updates
- Routes: core, distribution, tracks routing changes
- Middleware: rate limiter, endpoint limiter, response cache hardening
- Handlers: distribution, search handler fixes
- Workers: job worker improvements
- Upload validator and logging config additions
- New migrations: products, orders, performance indexes
- Seed tooling and data

Stream Server (Rust):
- Audio processing, config, routes, simple stream server updates
- Dockerfile improvements

Infrastructure:
- docker-compose.yml updates
- nginx-rtmp config changes
- Makefile improvements (config, dev, high, infra)
- Root package.json and lock file updates
- .env.example updates

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:36:06 +01:00
senke
cd974172cb v0.9.4 2026-03-05 23:03:43 +01:00
senke
23791095ad test: add 5 cross-service E2E integration tests 
INT-03: Tests for health endpoint, auth flow, track upload auth,
webhook HTTPS-only, and rate limit headers. Build-tagged
'integration' to avoid running in regular test suite.
 2026-02-22 17:52:50 +01:00
senke
838d61d2a0 fix(security): add rate limiting to POST /validate (A01) 2026-02-16 10:17:28 +01:00
senke
68f4b86b6d fix(backend): use explicit DISABLE_RATE_LIMIT_FOR_TESTS flag instead of env-based bypass 
Replace NODE_ENV/APP_ENV bypass with DISABLE_RATE_LIMIT_FOR_TESTS=true.
Only test runners should set this. Prevents rate limiting bypass when
APP_ENV=development is mistakenly used in production.
Phase 1 audit - P1.6
 2026-02-15 15:56:53 +01:00
senke
04c25aa24f Phase 2 stabilisation: code mort, Modal→Dialog, feature flags, tests, router split, Rust legacy 
Bloc A - Code mort:
- Suppression Studio (components, views, features)
- Suppression gamification + services mock (projectService, storageService, gamificationService)
- Mise à jour Sidebar, Navbar, locales

Bloc B - Frontend:
- Suppression modal.tsx deprecated, Modal.stories (doublon Dialog)
- Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true
- Suppression 19 tests orphelins, retrait exclusions vitest.config

Bloc C - Backend:
- Extraction routes_auth.go depuis router.go

Bloc D - Rust:
- Suppression security_legacy.rs (code mort, patterns déjà dans security/)
 2026-02-14 17:23:32 +01:00
senke
39f7967e1e incus deployement fully implemented, Makefile updated and make fmt ran 2026-01-13 19:47:57 +01:00
senke
de3691bdfe [FIX] Disable endpoint rate limiting in development mode 
- Disable RegisterRateLimit when APP_ENV=development
- Add development mode check in endpoint_limiter.go
- Prevents rate limit errors during development and testing
- Endpoint rate limiting still active in production/staging
- Fixes 429 errors when creating accounts in development
 2026-01-04 01:44:13 +01:00
senke
8722344aba [BE-SEC-005] security: Implement rate limiting for authentication endpoints 
- Applied RegisterRateLimit to POST /auth/register (3 attempts/hour)
- Applied PasswordResetRateLimit to password reset endpoints (3 attempts/hour)
- Added VerifyEmailRateLimit for POST /auth/verify-email (5 attempts/hour)
- Added ResendVerificationRateLimit for POST /auth/resend-verification (3 attempts/hour)
- Login endpoint already had rate limiting (5 attempts/15min)
- All rate limits are IP-based and use Redis for persistence
- Rate limiting disabled in test/e2e environments

Phase: PHASE-4
Priority: P1
Progress: 7/267 (2.6%)
 2025-12-24 12:05:35 +01:00
senke
d50832ca42 stabilizing apps/web: THIRD BATCH - FIXED Playwright 2025-12-21 18:55:51 -05:00
okinrev
2425c15b09 adding initial backend API (Go) 2025-12-03 20:29:37 +01:00