senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
136 commits 37 branches 94 tags 1.5 GiB
Commit graph

13 commits

Author SHA1 Message Date
senke
8722344aba [BE-SEC-005] security: Implement rate limiting for authentication endpoints 
- Applied RegisterRateLimit to POST /auth/register (3 attempts/hour)
- Applied PasswordResetRateLimit to password reset endpoints (3 attempts/hour)
- Added VerifyEmailRateLimit for POST /auth/verify-email (5 attempts/hour)
- Added ResendVerificationRateLimit for POST /auth/resend-verification (3 attempts/hour)
- Login endpoint already had rate limiting (5 attempts/15min)
- All rate limits are IP-based and use Redis for persistence
- Rate limiting disabled in test/e2e environments

Phase: PHASE-4
Priority: P1
Progress: 7/267 (2.6%)
 2025-12-24 12:05:35 +01:00
senke
f52fb0b289 fix(MVP-014): Add CORS credentials configuration validation 2025-12-22 23:17:24 +01:00
senke
4d8c019abf fix(MVP-006): Standardize environment variable names (VITE_API_BASE_URL → VITE_API_URL) 2025-12-22 22:56:37 +01:00
senke
d50832ca42 stabilizing apps/web: THIRD BATCH - FIXED Playwright 2025-12-21 18:55:51 -05:00
senke
c65563863a stabilizing apps/web: SECOND BATCH - FIXING Playwright 2025-12-17 12:20:42 -05:00
senke
83e4463b4b stabilizing veza-backend-api: P0 2025-12-16 11:59:56 -05:00
senke
d0fe8c8ad7 stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
senke
d33c351ac6 refonte: backend-api go first; phase 1 2025-12-12 21:34:34 -05:00
okinrev
8d6ce72bb2 report generation and future tasks selection 2025-12-08 19:57:54 +01:00
okinrev
8caa2fd7ca STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
okinrev
a47464509a fix(backend-tests): enable room_handler_test and resolve metric collisions 2025-12-06 12:53:15 +01:00
okinrev
5ffcd50e0a P0: stabilisation backend/chat/stream + nouvelle base migrations v1 
Backend Go:
- Remplacement complet des anciennes migrations par la base V1 alignée sur ORIGIN.
- Durcissement global du parsing JSON (BindAndValidateJSON + RespondWithAppError).
- Sécurisation de config.go, CORS, statuts de santé et monitoring.
- Implémentation des transactions P0 (RBAC, duplication de playlists, social toggles).
- Ajout d’un job worker structuré (emails, analytics, thumbnails) + tests associés.
- Nouvelle doc backend : AUDIT_CONFIG, BACKEND_CONFIG, AUTH_PASSWORD_RESET, JOB_WORKER_*.

Chat server (Rust):
- Refonte du pipeline JWT + sécurité, audit et rate limiting avancé.
- Implémentation complète du cycle de message (read receipts, delivered, edit/delete, typing).
- Nettoyage des panics, gestion d’erreurs robuste, logs structurés.
- Migrations chat alignées sur le schéma UUID et nouvelles features.

Stream server (Rust):
- Refonte du moteur de streaming (encoding pipeline + HLS) et des modules core.
- Transactions P0 pour les jobs et segments, garanties d’atomicité.
- Documentation détaillée de la pipeline (AUDIT_STREAM_*, DESIGN_STREAM_PIPELINE, TRANSACTIONS_P0_IMPLEMENTATION).

Documentation & audits:
- TRIAGE.md et AUDIT_STABILITY.md à jour avec l’état réel des 3 services.
- Cartographie complète des migrations et des transactions (DB_MIGRATIONS_*, DB_TRANSACTION_PLAN, AUDIT_DB_TRANSACTIONS, TRANSACTION_TESTS_PHASE3).
- Scripts de reset et de cleanup pour la lab DB et la V1.

Ce commit fige l’ensemble du travail de stabilisation P0 (UUID, backend, chat et stream) avant les phases suivantes (Coherence Guardian, WS hardening, etc.).
 2025-12-06 11:14:38 +01:00
okinrev
2425c15b09 adding initial backend API (Go) 2025-12-03 20:29:37 +01:00