Gan, Jimmy 1a37f34401 auth: Sprint 02 — auth hardening (Pydantic models, challenge binding, admin gates)
- Add max_length validation to LoginRequest (username 128, password 1024)
- Replace raw request.json() with Pydantic models in RBAC override/update endpoints
- Replace raw request.json() with Pydantic models in passkey register/login/delete
- Bind passkey challenges to session-bound challenge_id (prevents cross-session replay)
- Gate audit log and security log endpoints behind admin role
- Fix fragile opc_db.json.dumps() → import json directly
- Add COOKIE_SECURE=False startup warning (suppress with ALLOW_INSECURE_COOKIES)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-03 13:45:42 +08:00
2026-03-30 12:33:37 +08:00
2026-03-30 11:26:56 +08:00
S
Description
No description provided
Readme 4.2 MiB
Languages
Python 58.2%
Svelte 32.2%
JavaScript 5.6%
Shell 3.3%
Dockerfile 0.3%
Other 0.3%