Hamza-Ayed | bddee7ca2d | Update: 2026-05-16 00:04:29 | 2026-05-16 00:04:30 +03:00

Hamza-Ayed | 7ee897ff3d | Update: 2026-05-15 15:02:14 | 2026-05-15 15:02:14 +03:00

Hamza-Ayed | 30da101415 | Update: 2026-05-12 01:40:41 | 2026-05-12 01:40:41 +03:00

Hamza-Ayed | ba621c9896 | Update: 2026-05-12 01:07:38 | 2026-05-12 01:07:38 +03:00

Hamza-Ayed | c94855ed9c | Update: 2026-05-09 17:21:01 | 2026-05-09 17:21:01 +03:00

Hamza-Ayed | a9a2c65bee | Update: 2026-05-06 05:11:51 | 2026-05-06 05:11:51 +03:00

Hamza-Ayed | ac12106770 | Update: 2026-05-05 00:01:17 | 2026-05-05 00:01:17 +03:00

Hamza-Ayed | 98c4b922be | Update: 2026-05-04 17:29:56 | 2026-05-04 17:29:56 +03:00

Hamza-Ayed | 214d96ee8d | Security Hardening: Phase 1-3 complete | 2026-05-03 21:06:17 +03:00
  - C1: Hash refresh tokens before DB storage (sha256)
  - C2: Remove JWT_SECRET fallback, fail hard if missing
  - H1: Enforce HTTP methods per route (405 on mismatch)
  - H2: CORS with origin whitelist from CORS_ORIGIN env var
  - H3: Redact sensitive fields (tokens, passwords) from logs
  - M1: Build HmacMiddleware with replay attack prevention
  - M2: Fix rate limiter race condition with flock LOCK_EX
  - M3: Guard dd() — suppressed in production
  - M4: Remove .env from git tracking, strengthen .gitignore
  - I1: Add HSTS header (max-age=31536000)

Hamza-Ayed | e2acce23c0 | Fix case sensitivity in app folders | 2026-05-03 20:33:29 +03:00