radziel/spotlightcam
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
197 Commits 1 Branch 0 Tags
fb4e0bea99a9486ca6c476eae51e2396ffe2eb8b
Commit Graph

7 Commits

Author SHA1 Message Date
Radosław Gierwiało
f3b8156557 feat(security): implement Cloudflare Turnstile CAPTCHA on contact form 
- Add Turnstile script to frontend/index.html
- Implement programmatic widget rendering in ContactPage
- Add backend verification via Cloudflare API
- Include client IP in verification request
- Update CSP headers to allow Cloudflare resources
- Add environment variable configuration for site and secret keys
- Pass VITE_TURNSTILE_SITE_KEY to frontend container
- Add validation and error handling for CAPTCHA tokens
 2025-12-05 18:08:05 +01:00
Radosław Gierwiało
537dd112ff feat(scheduler): in-process matching scheduler with audit + admin endpoints 
- Add in-process scheduler service triggered by ENABLE_SCHEDULER
- Record runs in new matching_runs table; throttle per-event and log stats
- Add admin endpoints: POST /api/admin/events/:slug/run-now and GET /api/admin/events/:slug/matching-runs
- Wire scheduler start/stop in server and add ENV flags + compose defaults
- Prisma schema: add MatchingRun model and relation
- Update env examples for scheduler configuration
 2025-11-30 13:14:02 +01:00
Radosław Gierwiało
44df50362a feat(security): implement comprehensive security hardening 
- Add CSRF protection with cookie-based tokens
  - Add cookie-parser and csurf middleware
  - Create GET /api/csrf-token endpoint
  - Frontend automatically includes CSRF token in POST/PUT/DELETE requests
  - Add retry logic for expired CSRF tokens

- Implement account lockout mechanism
  - Add database fields: failedLoginAttempts, lockedUntil
  - Track failed login attempts and lock accounts after max attempts (configurable)
  - Auto-unlock after lockout duration expires
  - Return helpful error messages with remaining time

- Add comprehensive security environment variables
  - Rate limiting configuration (API, auth, email endpoints)
  - CSRF protection toggle
  - Password policy requirements
  - Account lockout settings
  - Logging levels

- Add comprehensive test coverage
  - 6 new tests for account lockout functionality
  - 11 new tests for CSRF protection
  - All tests handle enabled/disabled states gracefully

- Update documentation
  - Add Phase 3 security hardening to SESSION_CONTEXT.md
  - Document new database fields and migration
  - Update progress to 85%

Files changed:
- Backend: app.js, auth controller, security config, new migration
- Frontend: api.js with CSRF token handling
- Tests: auth.test.js (extended), csrf.test.js (new)
- Config: .env examples with security variables
- Docs: SESSION_CONTEXT.md updated
 2025-11-19 20:16:05 +01:00
Radosław Gierwiało
a400068053 feat: add production Docker setup with multi-stage builds 
- Add production Dockerfiles for frontend and backend
  * Frontend: multi-stage build with nginx serving static files
  * Backend: multi-stage build with Prisma generation
- Create production nginx configuration (nginx/conf.d.prod/)
  * Routes to frontend-prod:80 and backend-prod:3000
  * Supports WebSocket connections for Socket.IO
- Update docker-compose.yml to use production config
  * Add env_file support for backend-prod
  * Mount production nginx config directory
- Add .env.production.example template for deployment
 2025-11-15 17:21:25 +01:00
Radosław Gierwiało
27ee0ae365 fix: AWS SES configuration and email verification flow 
Changes:
- Updated AWS_REGION to eu-central-1 in env examples
- Fixed email verification to return new JWT token with updated emailVerified status
- Added updateUser function to AuthContext for token refresh
- Updated frontend to save new token after email verification
- Fixed variable naming conflict (token vs jwtToken) in verification endpoints
- Changed WSDC ID placeholder from 26997 to 12345

This ensures the verification banner disappears immediately after
email verification without requiring re-login.
 2025-11-13 18:59:28 +01:00
Radosław Gierwiało
3ff966defc refactor: migrate to native Docker Compose profiles 
Simplified Docker Compose configuration by using native profiles
instead of override files, following best practices.

Changes:
- Consolidated docker-compose.yml with --profile dev/prod support
- Removed docker-compose.dev.yml and docker-compose.prod.yml
- Updated all documentation for new usage pattern
- Created comprehensive README.md and DEPLOYMENT.md
- Simplified commands: 'docker compose --profile dev up'

Environment-specific configurations:
- Development: relaxed security, hot reload, exposed ports
- Production: strict security, optimized builds, restricted access

This approach is cleaner, more maintainable, and follows Docker
Compose best practices.
 2025-11-13 18:00:08 +01:00
Radosław Gierwiało
bf8a9260bd security: implement CRITICAL and MEDIUM security fixes with environment profiles 
This commit addresses all CRITICAL and MEDIUM security vulnerabilities
identified in the security audit with environment-aware configuration.

## Docker Compose Profiles

- Added docker-compose.dev.yml for development (relaxed security)
- Added docker-compose.prod.yml for production (strict security)
- Environment-specific configurations for rate limiting, CSRF, logging

## CRITICAL Fixes (P0)

1. Fixed insecure random number generation
   - Replaced Math.random() with crypto.randomBytes() for verification codes
   - Now cryptographically secure

2. Implemented rate limiting
   - express-rate-limit for all endpoints
   - Strict limits on auth endpoints (5 attempts in dev=off, prod=5)
   - Email endpoint limits (20 in dev, 3 in prod)
   - API-wide rate limiting

3. Added request body size limits
   - Development: 50MB (for testing)
   - Production: 10KB (security)

4. Fixed user enumeration vulnerability
   - Generic error message for registration
   - No disclosure of which field exists

5. Added security headers
   - helmet.js with CSP, HSTS, XSS protection
   - No-sniff, hide powered-by headers

## MEDIUM Fixes (P1)

6. Strengthened password policy
   - Environment-aware validation (8+ chars)
   - Production: requires uppercase, lowercase, number
   - Development: relaxed for testing

7. Enhanced input validation
   - Validation for all auth endpoints
   - WSDC ID validation (numeric, max 10 digits)
   - Name validation (safe characters only)
   - Email normalization

8. Added input sanitization
   - DOMPurify for XSS prevention
   - Sanitize all user inputs in emails
   - Timing-safe string comparison for tokens

9. Improved error handling
   - Generic errors in production
   - Detailed errors only in development
   - Proper error logging

10. Enhanced CORS configuration
    - Whitelist-based origin validation
    - Environment-specific allowed origins
    - Credentials support

## New Files

- backend/src/config/security.js - Environment-aware security config
- backend/src/middleware/rateLimiter.js - Rate limiting middleware
- backend/src/utils/sanitize.js - Input sanitization utilities
- backend/.env.example - Development environment template
- backend/.env.production.example - Production environment template
- docker-compose.dev.yml - Development overrides
- docker-compose.prod.yml - Production configuration
- docs/DEPLOYMENT.md - Complete deployment guide
- docs/SECURITY_AUDIT.md - Full security audit report
- .gitignore - Updated to exclude .env files

## Dependencies Added

- helmet (^8.1.0) - Security headers
- express-rate-limit (^8.2.1) - Rate limiting
- dompurify (^3.3.0) - XSS prevention
- jsdom (^27.2.0) - DOM manipulation for sanitization

## Testing

-  Password validation works (weak passwords rejected)
-  User enumeration fixed (generic error messages)
-  WSDC lookup functional
-  Registration flow working
-  Rate limiting active (environment-aware)
-  Security headers present

## Usage

Development:
  docker compose -f docker-compose.yml -f docker-compose.dev.yml up

Production:
  docker compose -f docker-compose.yml -f docker-compose.prod.yml up

See docs/DEPLOYMENT.md for detailed instructions.
 2025-11-13 16:39:27 +01:00