ifb-schulapp

simon/ifb-schulapp

Fork 0

Commit Graph

Author	SHA1	Message	Date
Simon	b2de630983	harden security: enforce JWT_SECRET, helmet, CSP, stricter rate limits - Require JWT_SECRET env var (fatal exit if missing) - Add helmet middleware with custom CSP - Cookie Secure flag when NODE_ENV=production - requireAuth re-verifies user.status from DB on every request - class_events DELETE restricted to creator or admin - Rate limit /register (5/hr) and PUT /me/password (5/15min) - Password minimum 6 to 8 chars - crudRoutes truncates strings to 1000 chars - Remove application/octet-stream from allowed upload MIMEs	2026-04-17 23:40:27 +02:00
Simon	8f75bc6a10	feat: add TOTP 2FA with QR code and manual secret entry	2026-04-17 22:56:39 +02:00
Simon	db5efd8ed9	clean initial commit	2026-04-17 00:12:47 +02:00

Author

SHA1

Message

Date

Simon

b2de630983

harden security: enforce JWT_SECRET, helmet, CSP, stricter rate limits

- Require JWT_SECRET env var (fatal exit if missing)
- Add helmet middleware with custom CSP
- Cookie Secure flag when NODE_ENV=production
- requireAuth re-verifies user.status from DB on every request
- class_events DELETE restricted to creator or admin
- Rate limit /register (5/hr) and PUT /me/password (5/15min)
- Password minimum 6 to 8 chars
- crudRoutes truncates strings to 1000 chars
- Remove application/octet-stream from allowed upload MIMEs

2026-04-17 23:40:27 +02:00

Simon

8f75bc6a10

feat: add TOTP 2FA with QR code and manual secret entry

2026-04-17 22:56:39 +02:00

Simon

db5efd8ed9

clean initial commit

2026-04-17 00:12:47 +02:00

3 Commits