Daniel Bedeleanu
|
fcb187974e
|
Build [v1.9.18]
|
2026-04-13 23:43:52 +03:00 |
|
Daniel Bedeleanu
|
07b15c8e01
|
Build [v1.9.1] (CORS Dynamic IP Resolution Fix)
|
2026-04-13 20:52:29 +03:00 |
|
Daniel Bedeleanu
|
81b775c9ae
|
Build [v1.8.0]
|
2026-04-13 19:23:48 +03:00 |
|
Daniel Bedeleanu
|
f3d861b1a2
|
Build [v1.4.0] - Audit Dashboard & LDAP Restoration
|
2026-04-12 09:39:17 +03:00 |
|
Daniel Bedeleanu
|
cee93fe53c
|
debug: log DATA_DIR and database path at startup
|
2026-04-11 15:28:53 +03:00 |
|
Daniel Bedeleanu
|
c949bcd211
|
fix: reorder CORS middleware before rate limiter to fix OPTIONS preflight
|
2026-04-11 14:38:43 +03:00 |
|
Daniel Bedeleanu
|
356dfa32f1
|
fix: remove invalid add_exception_handler call for slowapi
|
2026-04-11 14:38:00 +03:00 |
|
Daniel Bedeleanu
|
9dbe0f8b6c
|
refactor: translate all docstrings and comments to English (STRICT ENGLISH POLICY complete)
|
2026-04-11 14:26:55 +03:00 |
|
Daniel Bedeleanu
|
c31209b740
|
chore: translate remaining Romanian code comments to English (STRICT ENGLISH POLICY)
|
2026-04-11 14:25:03 +03:00 |
|
Daniel Bedeleanu
|
e6ca33f2f0
|
feat: frontend JWT handling, rate limiting [H-02], CORS config
Frontend:
- Creiez frontend/lib/auth.ts cu saveToken, getToken, getAuthHeader, clearAuth
- Modific api.ts: axiosInstance cu interceptor Bearer token + 401 → /login redirect
- Modific login page: salveaza JWT token din response
Backend:
- [H-02] Integrez slowapi rate limiting: 10 req/minute pe /items/extract-label
- [M-01] CORS: ALLOWED_ORIGINS din env (dev fallback: localhost:3000, localhost:3002)
- [C-01] JWT_SECRET_KEY din env (dev fallback: ephemeral key)
docker-compose.yml:
- Adaug ALLOWED_ORIGINS env var (dev: localhost)
- Adaug JWT_SECRET_KEY env var cu fallback warning
Status:
- ✅ JWT backend: complet
- ✅ JWT frontend: token save + attach + 401 handling
- ✅ Rate limiting: 10/min pe extract-label
- ✅ CORS: configurable via env
Gata pentru dev + testing local.
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
|
2026-04-11 13:42:09 +03:00 |
|
Daniel Bedeleanu
|
247ea45408
|
security: audit complet + patch vulnerabilitati critice v1.3.5
Audit de securitate executat pe Backend (FastAPI) si Frontend (Next.js/Dexie).
12 vulnerabilitati identificate (4 CRITICE, 4 HIGH, 3 MEDIUM, 1 LOW).
Patch-uri aplicate direct:
- [C-02] Eliminat bypass autentificare pentru useri fara parola (users.py)
- [C-03] Parola default Admin inlocuita cu secrets.token_urlsafe(16) (users.py)
- [H-01] LDAP injection fix: escape_filter_chars pe username (users.py)
- [H-03] Validare MIME + limita 10MB pe /items/extract-label (items.py)
- [M-01] CORS fix: allow_origins din env ALLOWED_ORIGINS, nu wildcard (main.py)
- [M-03] Toate print() LDAP inlocuite cu log.debug() (users.py)
Raport complet: dev_docs/SECURITY_REPORT.md
Actiuni arhitecturale ramase (JWT enforcement, rate limiting): SESSION_STATE.md
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
|
2026-04-11 13:20:05 +03:00 |
|
Daniel Bedeleanu
|
2e5ce8d153
|
feat: complete dockerization architecture with data/logs persistence and prod export script v1.3.0
|
2026-04-11 12:33:13 +03:00 |
|
Daniel Bedeleanu
|
8a3783c7e9
|
Infrastructure: Implement master/dev/vX branching, save git path, and fix username casing
|
2026-04-10 21:51:22 +03:00 |
|
Daniel Bedeleanu
|
e4b0afb50d
|
feat: core inventory API and secure operation routers
|
2026-04-10 13:47:10 +03:00 |
|
Daniel Bedeleanu
|
46bd6ae733
|
feat: backend foundation setup with SQLite and FastAPI
|
2026-04-10 13:44:21 +03:00 |
|