Gan, Jimmy
ddaf3c6cee
security: Sprint 00 — critical security fixes (OPC WS auth, Transmission creds, SECRET_KEY, passkey rate limit)
...
- Add JWT token auth to OPC WebSocket (unauthenticated → 403, per-user tracking)
- Externalize Transmission RPC credentials to TRANSMISSION_USER/PASS env vars
- Remove hardcoded SECRET_KEY fallback from dev compose
- Rate-limit passkey register options endpoint at 5/minute
- Add PDD (docs/improvement-plan.md) and sprint specs (specs/)
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com >
2026-05-03 13:31:25 +08:00
Gan, Jimmy
6ea64bc19e
feat: add Transmission monitoring to dashboard
...
Deploy Dashboard (Dev) / deploy-dev (push) Successful in 2m37s
Run Tests / Backend Tests (push) Failing after 4m7s
Run Tests / Frontend Tests (push) Failing after 2m48s
Run Tests / Test Summary (push) Failing after 12s
- Add backend API for Transmission RPC integration
- Create frontend page with torrent and tracker status
- Add health monitoring script
- Display daemon status, speeds, and tracker errors
- Support reannounce, start/stop actions
2026-04-10 19:25:52 +08:00