 chiappa
|
30c0604e49
fix: rotate CSRF token on session-id regeneration (SEC_REVIEW F40)
|
vor 4 Tagen |
|
chiappa
|
d37890b68f
fix: rate-limit /login/local even when local admin is disabled (SEC_REVIEW F38)
|
vor 4 Tagen |
|
chiappa
|
84238e6592
fix: run password_verify on every local-login attempt for constant-time response (SEC_REVIEW F7)
|
vor 5 Tagen |
|
chiappa
|
d119b72dfe
fix: persist login throttle state to a file shared by FrankenPHP workers (SEC_REVIEW F6)
|
vor 5 Tagen |
|
chiappa
|
466d686840
fix: harden local-login throttle against XFF spoof and IP rotation
|
vor 6 Tagen |
|
chiappa
|
63d5a8d4e9
feat(M14): security hardening
|
vor 1 Woche |
|
chiappa
|
aaeee67c98
feat(M09): UI dashboard, IPs list, IP detail; matching admin API endpoints
|
vor 1 Woche |
|
chiappa
|
726d8642ce
feat(M08): ui scaffold, OIDC + local admin auth, session, ApiClient
|
vor 1 Woche |
