senke
73eca4f6ad
feat: backend, stream server & infra improvements
...
Backend (Go):
- Config: CORS, RabbitMQ, rate limit, main config updates
- Routes: core, distribution, tracks routing changes
- Middleware: rate limiter, endpoint limiter, response cache hardening
- Handlers: distribution, search handler fixes
- Workers: job worker improvements
- Upload validator and logging config additions
- New migrations: products, orders, performance indexes
- Seed tooling and data
Stream Server (Rust):
- Audio processing, config, routes, simple stream server updates
- Dockerfile improvements
Infrastructure:
- docker-compose.yml updates
- nginx-rtmp config changes
- Makefile improvements (config, dev, high, infra)
- Root package.json and lock file updates
- .env.example updates
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 11:36:06 +01:00
senke
6823e5a30d
release(v0.902): Sentinel - PKCE OAuth, token encryption, redirect validation, CHAT_JWT_SECRET
...
Backend API CI / test-unit (push) Failing after 0s
Backend API CI / test-integration (push) Failing after 0s
- PKCE (S256) in OAuth flow: code_verifier in oauth_states, code_challenge in auth URL
- CryptoService: AES-256-GCM encryption for OAuth provider tokens at rest
- OAuth redirect URL validated against OAUTH_ALLOWED_REDIRECT_DOMAINS
- CHAT_JWT_SECRET must differ from JWT_SECRET in production
- Migration script: cmd/tools/encrypt_oauth_tokens for existing tokens
- Fixes: VEZA-SEC-003, VEZA-SEC-004, VEZA-SEC-009, VEZA-SEC-010
2026-02-26 19:49:15 +01:00
senke
bbd8ed54de
refactor(config): découper config.go par domaine (audit 2.7)
...
- env_helpers.go: getEnv*, parseLogAggregationLabels
- db_init.go: initDatabaseWithRetry
- redis_init.go: initRedis, filteredRedisLogger
- rabbitmq.go: getRabbitMQURL
- cors.go: CORS, cookies
- rate_limit.go: rate limit defaults
- services_init.go: initServices
- middlewares_init.go: initMiddlewares, SetupMiddleware
- config.go réduit de ~1487 à ~550 LOC
2026-02-15 14:44:33 +01:00
