Commit Graph

3 Commits

Author SHA1 Message Date
Gan, Jimmy 9683cd3165 Add security improvements: refresh tokens, passkeys, CSP, audit logging, TOTP encryption
Deploy Dashboard / deploy (push) Successful in 1m26s
- Shorten access token to 30min with 7-day refresh token flow
- Add WebAuthn passkey registration and login with TOTP fallback
- Add Content-Security-Policy header
- Add audit logging middleware to /volume1/docker/nas-dashboard/audit.log
- Block /volume1/docker/ in files endpoint
- Encrypt TOTP secret at rest with Fernet (derived from SECRET_KEY)
- New deps: py_webauthn, cryptography
2026-02-22 11:04:40 +08:00
Gan, Jimmy c5fcb9bc64 Add CORS, rate limiting, security headers, and files endpoint protection
Deploy Dashboard / deploy (push) Successful in 18s
2026-02-21 11:18:29 +08:00
Gan, Jimmy 70aa421d7f Add NAS dashboard MVP: Docker mgmt, Gitea, Files, Terminal 2026-02-19 01:59:50 +08:00