Gan, Jimmy
|
be1f3b3ad6
|
Add security improvements: refresh tokens, passkeys, CSP, audit logging, TOTP encryption
- Shorten access token to 30min with 7-day refresh token flow
- Add WebAuthn passkey registration and login with TOTP fallback
- Add Content-Security-Policy header
- Add audit logging middleware to /volume1/docker/nas-dashboard/audit.log
- Block /volume1/docker/ in files endpoint
- Encrypt TOTP secret at rest with Fernet (derived from SECRET_KEY)
- New deps: py_webauthn, cryptography
|
2026-02-22 11:04:40 +08:00 |
|
Gan, Jimmy
|
b1dee47126
|
Add CORS, rate limiting, security headers, and files endpoint protection
|
2026-02-21 11:18:29 +08:00 |
|
Gan, Jimmy
|
dd3e8e0d2c
|
security: remove hardcoded secrets, add health endpoint, add security headers
|
2026-02-20 22:04:01 +08:00 |
|
Gan, Jimmy
|
7aec5976df
|
fix: resolve OpenClaw iframe connection refused and Docker HTTP proxy conflict
|
2026-02-20 17:25:16 +08:00 |
|
Gan, Jimmy
|
ec2f60fb2f
|
fix: add proxy support to httpx to allow Telegram API requests
|
2026-02-20 10:36:59 +08:00 |
|
Gan, Jimmy
|
b063382085
|
feat: add container monitor & telegram alerts
Added asyncio monitoring task to main.py to watch Docker container state transitions and send Telegram notifications on failures.
|
2026-02-20 10:31:18 +08:00 |
|
Gan, Jimmy
|
651bc0580e
|
Phase 7: Auth & Security upgrade (JWT, 2FA, Login UI)
|
2026-02-19 03:47:48 +08:00 |
|
Gan, Jimmy
|
f3db7d3654
|
Dashboard UI overhaul: modern design with system stats, SVG icons, Inter font, theme toggle, loading states, and log modal
|
2026-02-19 02:29:25 +08:00 |
|
Gan, Jimmy
|
70aa421d7f
|
Add NAS dashboard MVP: Docker mgmt, Gitea, Files, Terminal
|
2026-02-19 01:59:50 +08:00 |
|