senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
134 commits 37 branches 94 tags 1.5 GiB
Commit graph

13 commits

Author SHA1 Message Date
senke
f7baf67741 [BE-SEC-005] security: Implement rate limiting for authentication endpoints 
- Applied RegisterRateLimit to POST /auth/register (3 attempts/hour)
- Applied PasswordResetRateLimit to password reset endpoints (3 attempts/hour)
- Added VerifyEmailRateLimit for POST /auth/verify-email (5 attempts/hour)
- Added ResendVerificationRateLimit for POST /auth/resend-verification (3 attempts/hour)
- Login endpoint already had rate limiting (5 attempts/15min)
- All rate limits are IP-based and use Redis for persistence
- Rate limiting disabled in test/e2e environments

Phase: PHASE-4
Priority: P1
Progress: 7/267 (2.6%)
 2025-12-24 12:05:35 +01:00
senke
1203e51760 fix(MVP-014): Add CORS credentials configuration validation 2025-12-22 23:17:24 +01:00
senke
34f3468c89 fix(MVP-006): Standardize environment variable names (VITE_API_BASE_URL → VITE_API_URL) 2025-12-22 22:56:37 +01:00
senke
bacaded324 stabilizing apps/web: THIRD BATCH - FIXED Playwright 2025-12-21 18:55:51 -05:00
senke
df06693508 stabilizing apps/web: SECOND BATCH - FIXING Playwright 2025-12-17 12:20:42 -05:00
senke
54a570bb74 stabilizing veza-backend-api: P0 2025-12-16 11:59:56 -05:00
senke
3c534a59a0 stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
senke
de191cf0fc refonte: backend-api go first; phase 1 2025-12-12 21:34:34 -05:00
okinrev
e9e306c347 report generation and future tasks selection 2025-12-08 19:57:54 +01:00
okinrev
843dff3c92 STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
okinrev
76f2677c17 fix(backend-tests): enable room_handler_test and resolve metric collisions 2025-12-06 12:53:15 +01:00
okinrev
1ef0e0d6d6 P0: stabilisation backend/chat/stream + nouvelle base migrations v1 
Backend Go:
- Remplacement complet des anciennes migrations par la base V1 alignée sur ORIGIN.
- Durcissement global du parsing JSON (BindAndValidateJSON + RespondWithAppError).
- Sécurisation de config.go, CORS, statuts de santé et monitoring.
- Implémentation des transactions P0 (RBAC, duplication de playlists, social toggles).
- Ajout d’un job worker structuré (emails, analytics, thumbnails) + tests associés.
- Nouvelle doc backend : AUDIT_CONFIG, BACKEND_CONFIG, AUTH_PASSWORD_RESET, JOB_WORKER_*.

Chat server (Rust):
- Refonte du pipeline JWT + sécurité, audit et rate limiting avancé.
- Implémentation complète du cycle de message (read receipts, delivered, edit/delete, typing).
- Nettoyage des panics, gestion d’erreurs robuste, logs structurés.
- Migrations chat alignées sur le schéma UUID et nouvelles features.

Stream server (Rust):
- Refonte du moteur de streaming (encoding pipeline + HLS) et des modules core.
- Transactions P0 pour les jobs et segments, garanties d’atomicité.
- Documentation détaillée de la pipeline (AUDIT_STREAM_*, DESIGN_STREAM_PIPELINE, TRANSACTIONS_P0_IMPLEMENTATION).

Documentation & audits:
- TRIAGE.md et AUDIT_STABILITY.md à jour avec l’état réel des 3 services.
- Cartographie complète des migrations et des transactions (DB_MIGRATIONS_*, DB_TRANSACTION_PLAN, AUDIT_DB_TRANSACTIONS, TRANSACTION_TESTS_PHASE3).
- Scripts de reset et de cleanup pour la lab DB et la V1.

Ce commit fige l’ensemble du travail de stabilisation P0 (UUID, backend, chat et stream) avant les phases suivantes (Coherence Guardian, WS hardening, etc.).
 2025-12-06 11:14:38 +01:00
okinrev
2425c15b09 adding initial backend API (Go) 2025-12-03 20:29:37 +01:00