morz-infoboard

Author	SHA1	Message	Date
Jesko Anschütz	0e66bfdb24	Tenant-Feature Phase 6: Session-Cleanup, Docker-Env, Security-Fixes, Doku Session-Cleanup: - app.go: stündlicher Ticker für CleanExpiredSessions mit Context-Shutdown Docker/Infra: - compose/.env.example: Vorlage für ADMIN_PASSWORD, DEV_MODE, DEFAULT_TENANT - server-stack.yml: Backend-Service referenziert neue Env-Variablen Security-Review (Larry): - EnsureAdminUser: Admin-Check tenant-scoped statt global - scanUser() (toter Code, falsche Spaltenanzahl) entfernt - RequireTenantAccess: leerer tenantSlug nicht mehr als Bypass nutzbar - Login: Dummy-bcrypt bei unbekanntem User gegen Timing-Leak - Logout-Cookie: Secure-Flag konsistent mit Login gesetzt Doku (Doris): - DEVELOPMENT.md: Abschnitt "Lokale Entwicklung mit Login" - TENANT-FEATURE-PLAN.md: Phase 3-5 Checkboxen abgehakt - TODO.md: erledigte Punkte abgehakt Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-23 19:39:39 +01:00
Jesko Anschütz	27c4562175	Tenant-Feature Phase 3b: Login-Redirect + Tenant-Context in Manage-UI - reqcontext-Package: shared contextKey für httpapi und manage - Login-Redirect: Tenant-User → /manage/<slug>, Admin → /admin - GetUserByUsername: LEFT JOIN tenants für TenantSlug-Befüllung - manage/ui.go: reqcontext.UserFromContext statt hardcoded "morz" Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-23 18:00:02 +01:00
Jesko Anschütz	0b21be6469	Tenant-Feature Phase 3: Auth-Middleware verdrahtet - TenantSlug in User-Struct + GetSessionUser per JOIN befüllt - middleware.go: RequireAuth, RequireAdmin, RequireTenantAccess - router.go: alle Routen mit passendem Middleware-Stack gesichert Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-23 17:52:55 +01:00
Jesko Anschütz	cea393c1a0	Auth Phase 1 Review: Fix 3 critical bugs in auth foundation 1. [SQL] Fix username uniqueness constraint - Changed from global unique to composite unique(tenant_id, username) - Multi-tenant apps need same usernames across tenants (e.g., each tenant can have 'admin') 2. [Go] Fix inconsistent error handling in scanSession - Now returns pgx.ErrNoRows when session not found (like scanUser) - Allows proper 404 vs 500 error distinction in handlers 3. [Go] Add missing VerifyPassword function - Implements bcrypt.CompareHashAndPassword for password verification - Enables login flow with proper error handling for missing users - Paired with existing GenerateFromPassword for secure password hashing Security checks: - SQL injection: All queries parameterized (no string interpolation) - bcrypt: Cost factor 12 (production-recommended) - Session tokens: PostgreSQL gen_random_uuid() (cryptographically secure) - Password hashes: Protected with json:"-" tag (never exposed in responses) - Error handling: Comprehensive, no silent failures Build & Vet: All checks pass (go build ./..., go vet ./...) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-23 15:37:18 +01:00

4 commits